Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe

Overview

General Information

Sample name:SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Analysis ID:1432432
MD5:5ae909472f400d4341e93df71d808377
SHA1:a6de8d54c5b3e6947bc4fe473e0df4ba05a736c9
SHA256:82be867f27b0d808f9e6675cdf74ffe071b9e0e0f0168e31b7a94e5226e08bd2
Tags:exe
Infos:

Detection

Score:30
Range:0 - 100
Whitelisted:false
Confidence:0%

Compliance

Score:33
Range:0 - 100

Signatures

Found direct / indirect Syscall (likely to bypass EDR)
AV process strings found (often used to terminate AV products)
Contains functionality for read data from the clipboard
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to enumerate running services
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to retrieve information about pressed keystrokes
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates COM task schedule object (often to register a task for autostart)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
EXE planting / hijacking vulnerabilities found
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
File is packed with WinRar
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
Queries information about the installed CPU (vendor, model number etc)
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses the system / local time for branch decision (may execute only at specific dates)

Classification

Analysis Advice

Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--")
Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox
Sample has a GUI, but Joe Sandbox has not found any clickable buttons, likely more UI automation may extend behavior
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
Sample has functionality to log and monitor keystrokes, analyze it with the 'Simulates keyboard and window changes' cookbook

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe (PID: 3484 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe" MD5: 5AE909472F400D4341E93DF71D808377)
    • PostUpdate.exe (PID: 7836 cmdline: "C:\Users\user\Desktop\PostUpdate.exe" MD5: B011082B19F6B97E7EF8611B31C60CE2)
      • ProcessLasso.exe (PID: 8048 cmdline: /postupdate MD5: 4D2AAE8E1F74C5A153CA003546FF217C)
        • chrome.exe (PID: 8144 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5764 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1720,i,12997719605534959893,6831416874331468599,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7672 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 1928 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1992,i,4293187705668066289,15972859039918454721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6816 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 7972 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1964,i,13270427420856175794,1509384985464530,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 3236 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,6968930643493135927,8005255390743799941,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7016 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 7772 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1896,i,7178996704446796536,16546988757165640423,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 2324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 6364 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,14095325021809620615,2370060676840329805,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 4584 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 4592 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1960,i,15884539196100534553,13935790719083973572,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 5964 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 6704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,7770318286161706758,8697429217068731838,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 4428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 8108 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1980,i,14311972056982275594,10984696189209996236,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7684 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1844,i,6611676962095983694,9654412610864421321,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 480 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 1720 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,3494391659014450711,15666856029738290658,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5328 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2000,i,17513695124220267583,1691441907676113592,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 6248 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,5733970221364913042,4539587496349365289,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6192 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5788 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,1855896387700206653,3917910617862819512,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 8 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1996,i,6687144587041723826,9523744997039119914,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6732 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(79)/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 7268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1896,i,18253400173548351382,657115916745803150,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • bitsumsessionagent.exe (PID: 8040 cmdline: C:\Users\user\Desktop\bitsumsessionagent.exe ---------------------------------------------------------------- MD5: 15A2FFF14C68DDDB8DC868ABEBDB6B6A)
  • bitsumsessionagent.exe (PID: 7824 cmdline: C:\Users\user\Desktop\bitsumsessionagent.exe ---------------------------------------------------------------- MD5: 15A2FFF14C68DDDB8DC868ABEBDB6B6A)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\testlasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\CPUEater.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ThreadRacer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\TweakScheduler.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\vistammsc.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\InstallHelper.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessLasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessGovernor.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\Insights.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\LogViewer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\plActivate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\bitsumsessionagent.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeEXE: C:\Users\user\Desktop\QuickUpgrade.exeJump to behavior
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falseHTTP Parser: No favicon
Source: https://m.stripe.network/inner.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falseHTTP Parser: No favicon
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=bdcf309f-c914-4675-b703-3cdaae015472419473&sid=cf5b381f-d5d3-44ee-9572-244df1775810575440&version=6&preview=falseHTTP Parser: No favicon

Compliance

barindex
EXE planting / hijacking vulnerabilities found
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\testlasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\CPUEater.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ThreadRacer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\TweakScheduler.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\vistammsc.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\InstallHelper.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessLasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\ProcessGovernor.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\Insights.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\LogViewer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\plActivate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\bitsumsessionagent.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeEXE: C:\Users\user\Desktop\PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeEXE: C:\Users\user\Desktop\QuickUpgrade.exeJump to behavior
Uses 32bit PE files
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
PE / OLE file has a valid certificate
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: certificate valid
Uses secure TLS version for HTTPS connections
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49900 version: TLS 1.2
Contains modern PE file flags such as dynamic base (ASLR) or NX
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Binary contains paths to debug symbols
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_polish.pdb source: pl_rsrc_polish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb source: LogViewer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdb source: pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008165000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\testlasso.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdb source: PostUpdate.exe, 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp, PostUpdate.exe, 00000004.00000000.1691618206.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb$ source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdbi source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdbZ source: PostUpdate.exe, 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp, PostUpdate.exe, 00000004.00000000.1691618206.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdb source: Insights.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdba source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008114000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdbd source: Insights.exe.0.dr
Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdbGCTL source: pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdbJ source: LogViewer.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: c:\pl\output\ProcessLassoLauncher.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ProcessLassoLauncher.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008165000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdbGCTL source: ProcessGovernor.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb source: bitsumsessionagent.exe, 00000005.00000000.1725416053.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000005.00000002.2874427195.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000007.00000002.1757953890.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000007.00000000.1752515463.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdbT source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdb source: ProcessGovernor.exe.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdb source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdb source: pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdbY source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008114000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdbGCTL source: pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb source: ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\plActivate.pdb source: plActivate.exe.0.dr
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\ElevationJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058BA94 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,0_2_0058BA94
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059D420 SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SetDlgItemTextW,SendDlgItemMessageW,FindFirstFileW,_swprintf,SetDlgItemTextW,FindClose,_swprintf,SetDlgItemTextW,SendDlgItemMessageW,_swprintf,SetDlgItemTextW,_swprintf,SetDlgItemTextW,0_2_0059D420
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C6A94 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,4_2_00007FF61D3C6A94
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B72048 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,5_2_00007FF714B72048
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8C1C90 FindFirstFileW,GetFileAttributesW,FindNextFileW,_invalid_parameter_noinfo,DeleteFileW,DeleteFileW,RemoveDirectoryW,GetFileAttributesW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,FindFirstFileW,DeleteFileW,FindNextFileW,RemoveDirectoryW,GetFileAttributesW,6_2_00007FF72D8C1C90
Source: Joe Sandbox ViewIP Address: 151.101.0.176 151.101.0.176
Source: Joe Sandbox ViewIP Address: 198.137.150.141 198.137.150.141
Source: Joe Sandbox ViewIP Address: 192.0.76.3 192.0.76.3
Source: Joe Sandbox ViewIP Address: 192.0.76.3 192.0.76.3
Source: Joe Sandbox ViewIP Address: 44.237.125.219 44.237.125.219
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E4070 InternetOpenW,InternetOpenUrlW,InternetReadFile,InternetCloseHandle,InternetCloseHandle,6_2_00007FF72D8E4070
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+79UPCBWOyUrAT4&MD=aNBF4HwC HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.11 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/redux-framework/redux-core/assets/css/extendify-utilities.css?ver=4.4.15 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /v3/?ver=v3 HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.11 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/css/plugins.css?ver=20231028 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/style.css?ver=202306092 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /js/anchor-offset.js?ver=2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178118 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178124 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
Source: global trafficHTTP traffic detected: GET /e-202417.js HTTP/1.1Host: stats.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.11 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/js/custom.js?ver=20231102 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4629&rand=0.3235756268755505 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /inner.html HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js.stripe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4629&rand=0.3235756268755505 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /out-4.5.43.js HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://m.stripe.network/inner.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178132 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/favicon.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/favicon.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178139 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/open-sans/opensans-bold-webfont.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/open-sans/opensans-light-webfont.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2815&rand=0.33463708251087443 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2815&rand=0.33463708251087443 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178146 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178148.31.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178148.31.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+79UPCBWOyUrAT4&MD=aNBF4HwC HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178153 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1901&rand=0.5844304853361733 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1901&rand=0.5844304853361733 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178159 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3229&rand=0.6605735035558935 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3229&rand=0.6605735035558935 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178167 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2888&rand=0.17584099737033543 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178168.11.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2888&rand=0.17584099737033543 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178168.11.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178174.5.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178175 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178174.5.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
Source: global trafficHTTP traffic detected: GET /v3/?ver=v3 HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "206d0cb0f8a398cba3f6c5c045508c70"If-Modified-Since: Fri, 26 Apr 2024 18:01:23 GMT
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178180 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3282&rand=0.5681925783642812 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3282&rand=0.5681925783642812 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178182.60.0.0
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178182.60.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178187.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178187 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178187.55.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1852&rand=0.7873146752310403 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1852&rand=0.7873146752310403 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178194 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178201 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1673&rand=0.4563951407778424 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1673&rand=0.4563951407778424 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178207 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2620&rand=0.6121610810402847 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2620&rand=0.6121610810402847 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178214 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1709&rand=0.9026727643311079 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1709&rand=0.9026727643311079 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
Source: chromecache_214.3.drString found in binary or memory: "https://www.facebook.com/StripeHQ", equals www.facebook.com (Facebook)
Source: chromecache_214.3.drString found in binary or memory: "https://www.linkedin.com/company/stripe/", equals www.linkedin.com (Linkedin)
Source: chromecache_214.3.drString found in binary or memory: href="https://www.youtube.com/watch?v=GnSlQz-14JY" equals www.youtube.com (Youtube)
Source: chromecache_195.3.drString found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: bitsum.com
Source: global trafficDNS traffic detected: DNS query: js.stripe.com
Source: global trafficDNS traffic detected: DNS query: stats.wp.com
Source: global trafficDNS traffic detected: DNS query: v0.wordpress.com
Source: global trafficDNS traffic detected: DNS query: analytics.google.com
Source: global trafficDNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: pixel.wp.com
Source: global trafficDNS traffic detected: DNS query: m.stripe.network
Source: global trafficDNS traffic detected: DNS query: m.stripe.com
Source: global trafficDNS traffic detected: DNS query: stripe.com
Source: unknownHTTP traffic detected: POST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=4182 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://bitsum.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: ThreadRacer.exe.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: chromecache_246.3.drString found in binary or memory: http://daneden.me/animate
Source: chromecache_246.3.drString found in binary or memory: http://fontawesome.io
Source: chromecache_246.3.drString found in binary or memory: http://fontawesome.io/license
Source: chromecache_219.3.dr, chromecache_246.3.drString found in binary or memory: http://getbootstrap.com)
Source: chromecache_250.3.drString found in binary or memory: http://go.wpbakery.com/licensing
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0A
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0C
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0X
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_219.3.drString found in binary or memory: http://www.gmarwaha.com/jquery/jcarousellite/
Source: pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://Bitsum.com
Source: ProcessLasso.exeString found in binary or memory: https://activate.bitsum.com/?
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr, plActivate.exe.0.drString found in binary or memory: https://activate.bitsum.com/?Process
Source: ProcessLasso.exeString found in binary or memory: https://activate.bitsum.com/check.php
Source: chromecache_195.3.drString found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_195.3.drString found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_214.3.drString found in binary or memory: https://assets.ctfassets.net
Source: chromecache_214.3.drString found in binary or memory: https://assets.ctfassets.net/fzn2n1nzq965/01hMKr6nEEGVfOuhsaMIXQ/c424849423b5f036a8892afa09ac38c7/fa
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2)
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AnimatedCodeEditor-86776e0635434fc49715.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AnimatedIcon-0b7478e1f9234aae8838.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AtlasDashboardGraphic-042f01c5c5f7a5d7ca1a.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BackgroundGlobe-64953aedea5f231d07b7.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Bootstrapper-U4EH6MZP.js
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BrandModal-77aed9e8900fc44f1554.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BrandModalGraphic-e9e1fc8f4c2bf8a9bd44.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CaseStudyCard-60f3f5412530e6e993e8.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CheckoutFormGraphic-b2509d821651cbc82709.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditor-6eacb8e42c7465ddd557.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAsciiLoader-c1a350cb85f7a989f599.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorCursor-517911b19e66c94dafbb.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorLineNumbers-0eded1c84476ec649145.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeSyntax-e0768ef33503219c518d.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeTerminal-ca23848effb056969042.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CopyTitle-c641e014b3946628bc95.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCardBackground-853f685776c80eaa0089
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCardOverlay-09e527d11b6471566771.cs
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarousel-6ad3f0dce85838a77d8b.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavGroup-41fa77c08914b1b778
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b3
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5e
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/DevelopersCodeEditor-eadbd8bbcdedd8edbbe3.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/DomGraphic-5a317684eb2b9d1f76d2.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/EnterpriseCarouselAside-b05102a0b81de0c11406.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Flag-0530f6f8a0ae1e011860.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Form-401d42df82b6e8482f06.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Frontdoor-4513faa7ba2dd8949ee2.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingAnimation-fa25c03988d3d1f36a35.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphic-c9e3aeda05ab14a454b1.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphicLogo-2cee099c6b840fb58d86.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphicTier-4d3b73ee5f599b93aa50.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectAnimation-f4ce77b995975fa55335.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectFlowDiagram-bcf0320e44c152e1ca03.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectFlowDiagramOrderNotification-b0f6b26d
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnection-192c60d5ff4ac27dec4f.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphic-ab42746a2bb65d850037.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphicImage-ff4d221174ca6cab4402.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphicOutline-cbb29a27650befdb3913.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIcon-f22f360dadf72ca61a47.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-f5ddeb3e7d94044a9646.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconOutline-2c0929473dcd28db2e99.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIssuingAnimation-ba03e22ccfea12d68c6c.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIssuingCard-b80b51aa94acdc8a688e.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsGraphic-45fe2caceea82c749c40.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStandaloneAnimation-5aefb3912ae346b5293e.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Globe-b2159f87180df559d2e8.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GradientLegend-f1cabc70fbf82f3e9c05.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicForm-7d75b8ba72e0304da82c.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormField-33f78921d62dc714d424.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldList-5317148749a9268ec04d.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Icon-646136cd9e336d8c18d7.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/List-d4c6ad06c173a7dca2ed.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/LocaleControl-09ce62c550a15bb456e5.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/LowCodeNoCode-de32a3423ce25c839d82.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/MobileStickyNav-e95ca4c4af5266ca01f2.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/MobileStickyNavControl-1518a74559667e928374.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/PaymentLinksFeatureGraphic-6c9382201d4ede7c851a.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Picture-3f0067e6b392244c9bda.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductBadge-aa2497ab8abdcc6a3d34.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductFeatureCard-4476eb8c383446c052aa.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/RowLayout-9272a8ee72d3dac4a6ef.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/SiteFooterSection-1c0a8e1d30b69be4ef69.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/SiteFooterSectionSupportLinkList-US-bf39e598e6b8dad8c
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StartUp-889f28d89767c8a9d60f.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeProductUsed-448c2bc0913c408517f4.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeProductUsedList-4a8c16b5e5f3fa51247d.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Track-2f2fce741fc3d8fc8450.css
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff)
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2)
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/imt-c6ded89a5ffeadd7b2d892a031e97252.js
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/store-936f0d847a16164e7f6b15d74659c4a9.html
Source: chromecache_214.3.drString found in binary or memory: https://b.stripecdn.com/stripethirdparty-srv/assets/
Source: pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com-sivusto.
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com-sivustolta.
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com.
Source: pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARE
Source: pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/1A
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.dr, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/3Current
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/4
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/4Version
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/7Aktuelle
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/9La
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/:La
Source: pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/=Wersja
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.drString found in binary or memory: https://bitsum.com/?prod=pl&update_error_sigError
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/apps/coredirector
Source: LogViewer.exe.0.drString found in binary or memory: https://bitsum.com/bad
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/changelog/pl/changes.htm#latest?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/changelog/pl/changes.htm#latest?inproduct(Virtuelle
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/changes/processlasso/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/check.phphttps://activate.bitsum.com/check.phpCHECK_OKUNSPECIFIEDstring
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/cpubalance/%dProBalanceProBalanceToday%s
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/docs/pl
Source: ProcessLasso.exe, 00000006.00000003.2626467419.0000021EFA336000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1#a
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=16F8
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000003.2626467419.0000021EFA336000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1=1
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1?
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Ia
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1JT
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1SD
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1s
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1z6R
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/-https://activate.bitsum.com/?Process
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/https://activate.bitsum.com/?Process
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/keep-running-gaas-info
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/keep-running-gaas-infoGlobal
Source: ProcessGovernor.exe.0.drString found in binary or memory: https://bitsum.com/minidumps
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/minidumps/
Source: pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/minidumps/.
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000083B9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008935000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007C4F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000081CB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008F05000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007878000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008D14000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008749000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008B1E000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000090F5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008580000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007A60000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.0000022626341000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC1C1000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/parkcontrol/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/parkcontrol/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct0VIRHE
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct6ERROR
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct:ERRORE
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductCERREUR
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductE
Source: pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductFERRO
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductFERROR
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductH
Source: pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductIBA
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/portfolio/cpubalance/FThttps://bitsum.com/members/purchase-history/14.0.3.3
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatch
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatch;
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatchhttps://activate.bitsum.com/check.phpCHECK_OKarbgc
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000083B9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008935000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007C4F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000081CB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008F05000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007878000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008D14000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008749000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008B1E000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000090F5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008580000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007A60000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.0000022626341000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC1C1000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/
Source: pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct1Quedan
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct2Za
Source: pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct7H
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct7Process
Source: pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct8PozostaB
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct:Es
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct:Il
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct;There
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct?
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/processlasso/Explorer-Process
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/purchase/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/purchase/commercial/?inproduct1https://bitsum.com/processlasso/serve
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductO
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductT
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproducta
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductd
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductu
Source: pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductw
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproduct~
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/step1/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/step1/writetestFT%d%l%s
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/support.
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproducte
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproductf3uW03
Source: pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure#
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure$
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure/
Source: pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure5
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureG
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureH
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureN
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureS
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureU
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureV
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureX
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure_
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/translate/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/translate/-
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com/translate//
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/translate/ERROR-
Source: pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.com/translate/F
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, QuickUpgrade.exe.4.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com0/
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com3
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com5
Source: pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.comD
Source: pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.comLBitsumX
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.comb
Source: chromecache_195.3.drString found in binary or memory: https://cct.google/taggy/agent.js
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://cn.bitsum.com
Source: chromecache_214.3.drString found in binary or memory: https://dashboard.stripe.com/
Source: chromecache_214.3.drString found in binary or memory: https://dashboard.stripe.com/register
Source: chromecache_271.3.dr, chromecache_266.3.drString found in binary or memory: https://fontawesome.com
Source: chromecache_271.3.dr, chromecache_266.3.drString found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_242.3.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_219.3.drString found in binary or memory: https://github.com/ganeshmax/jcarousellite/blob/master/LICENSE)
Source: chromecache_219.3.drString found in binary or memory: https://github.com/kswedberg/jquery-smooth-scroll
Source: chromecache_219.3.drString found in binary or memory: https://github.com/kswedberg/jquery-smooth-scroll/blob/master/LICENSE-MIT)
Source: chromecache_214.3.drString found in binary or memory: https://github.com/stripe-samples
Source: chromecache_219.3.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/1ctgMwd2p9euFW9pPSM7jR/451d5e987ca7fa14060526e6b1766a8b/bm
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/1lCtk48IB26AGgXdHsrLrt/ad2816d6a744d5249c19ba66be22b0a6/ch
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/2EOOpI2mMZgHYBlbO44zWV/5a6c5d37402652c80567ec942c733a43/fa
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/3AGidihOJl4nH9D1vDjM84/9540155d584be52fc54c443b6efa4ae6/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/4jq1Wguyus7CA7yc2kxMgn/cf7b01aadf305daef40ac8acab654510/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/4zeFefnpB8yh7U3qSQRktP/d583ee93dd3d8910fa27296748699a0f/bm
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5C5LvT3YZvRTGYn7uabXGj/7da8063dc77c67b7f66a1479f47409c8/bu
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5DaqGgXeMbxSIqQj9WSqSF/8142c0c6e15b27a8bb6c8a0f8a5d4dfb/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5F0uhf7cRg9vhR6NmgWzzI/664e14ddebb91375f89f8dcc75242dc0/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5epSdhifMhjZWOkOxK9xG8/05715737a672f2069c17903d2acae585/ty
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5hEVwGQfvUQhsMjfASiuA/db4e12749695dbf5735787879ae56e96/fla
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5k7VeoAQQDK7032fIF6PEU/25f3670f5f4508103ee77afd92b7e074/ty
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/6c56LuWUxcACbVkv4fqszI/d0a88e48d11a88b97daf896246ac40da/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/6iLtU8qBUtE42tshpmZxY2/ac5b7b7a181524237b942e43620fceef/ch
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7C4ROeiaqUa0HwwBU9EL9l/205ad1141f35c449a79c7dae1811d9b7/at
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7jjWJlm9NHgLI7SV98B0Dg/ea1ae753f3764897fa4333311e41f496/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7szA8TJHWKDIEuCbu6Yblm/4548db61648d063fb7e7dddfca04ab79/ho
Source: chromecache_214.3.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/wEsTNDVgdEqaPAKkFdqnL/c69e1649432f1b772d86d81e423b7e3e/but
Source: chromecache_234.3.drString found in binary or memory: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Source: ProcessLasso.exe, ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lic.bitsum.com/versioninfo/processlasso/attribs.txt
Source: chromecache_249.3.drString found in binary or memory: https://m.stripe.network
Source: chromecache_214.3.drString found in binary or memory: https://marketplace.stripe.com/
Source: chromecache_195.3.drString found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_195.3.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_214.3.drString found in binary or memory: https://press.stripe.com/
Source: chromecache_214.3.drString found in binary or memory: https://q.stripe.com
Source: chromecache_214.3.drString found in binary or memory: https://sales-live-chat.stripe.com
Source: chromecache_214.3.drString found in binary or memory: https://sales-live-chat.stripe.com/render
Source: chromecache_214.3.drString found in binary or memory: https://schema.org
Source: chromecache_195.3.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_195.3.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_214.3.drString found in binary or memory: https://status.stripe.com/
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/#organization
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/ae
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/at
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/au
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/br
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/contact/sales
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/de
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/de-be
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/de-ch
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/de-li
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/de-lu
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/api
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/billing
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/changelog
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/connect
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/connectors
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/development
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/invoicing/hosted-invoice-page
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/libraries
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/no-code
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/no-code/payment-links
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/no-code/tap-to-pay
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/payments
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/payments/checkout
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/stripe-apps
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/terminal
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/docs/upgrades#api-versions
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-at
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-be
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-bg
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-br
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-ca
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-ch
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-cy
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-cz
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-de
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-dk
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-ee
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-es
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-fi
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-fr
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-gi
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-gr
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-hk
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-hr
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-hu
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-it
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-jp
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-li
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-lt
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-lu
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-lv
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-mt
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-mx
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-my
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-nl
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-no
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-pl
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-pt
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-ro
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-se
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-sg
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-si
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-sk
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/en-th
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/es
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/es-us
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/fr
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/fr-be
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/fr-ca
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/fr-ch
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/fr-lu
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/gb
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/guides
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/ie
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/in
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/issuing
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/it
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/it-ch
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/it-hr
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/it-si
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/jp
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/mx
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/nl
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/nl-be
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/nz
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/pricing
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/privacy
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/pt-pt
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/radar
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/se
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/sigma
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/spc/licenses
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/sv-fi
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/th
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/us
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/use-cases/global-businesses
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/zh-hk
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/zh-my
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/zh-sg
Source: chromecache_214.3.drString found in binary or memory: https://stripe.com/zh-us
Source: chromecache_214.3.drString found in binary or memory: https://support.stripe.com/?referrerLocale=en-us
Source: chromecache_195.3.drString found in binary or memory: https://td.doubleclick.net
Source: chromecache_214.3.drString found in binary or memory: https://twitter.com/stripe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.drString found in binary or memory: https://update.bitsum.com/files/auto/64/beta/pl4sfx.exeUpdate
Source: ProcessLasso.exeString found in binary or memory: https://update.bitsum.com/userservices/versioninfo.php
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://update.bitsum.com/userservices/versioninfo.php&Platform=&Registered=&vnew=1?ProductName=&man
Source: chromecache_250.3.drString found in binary or memory: https://wpbakery.com)
Source: chromecache_195.3.drString found in binary or memory: https://www.google.com
Source: ProcessLasso.exeString found in binary or memory: https://www.google.com/search?q=%s
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://www.google.com/search?q=%sopenProcess
Source: chromecache_195.3.drString found in binary or memory: https://www.googleadservices.com
Source: chromecache_195.3.drString found in binary or memory: https://www.googletagmanager.com
Source: chromecache_214.3.drString found in binary or memory: https://www.linkedin.com/company/stripe/
Source: chromecache_195.3.drString found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_214.3.drString found in binary or memory: https://www.youtube.com/watch?v=GnSlQz-14JY
Source: chromecache_214.3.drString found in binary or memory: https://youtube.com/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50054 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49900 version: TLS 1.2
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AC280 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,4_2_00007FF61D3AC280
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AC280 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,4_2_00007FF61D3AC280
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D893E20 GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,6_2_00007FF72D893E20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D882D20 GetKeyState,SetFocus,PostMessageW,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,PostMessageW,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,#413,6_2_00007FF72D882D20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D883AB3 GetKeyState,SetFocus,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,6_2_00007FF72D883AB3
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8D9910 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,6_2_00007FF72D8D9910
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AC280 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,4_2_00007FF61D3AC280
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B621F0 CreateMutexW,WaitForSingleObject,CreateEventW,CreateEventW,LoadLibraryW,GetProcAddress,GetCurrentProcess,NtQueryInformationProcess,GetCurrentProcess,SetPriorityClass,LoadCursorW,RegisterClassExW,CreateWindowExW,MessageBoxW,GetMessageW,TranslateMessage,DispatchMessageW,GetMessageW,SetEvent,GetCurrentThreadId,SendMessageW,CloseHandle,ReleaseMutex,MessageBoxW,SetEvent,GetCurrentThreadId,FreeLibrary,CloseHandle,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,5_2_00007FF714B621F0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B61BC0 GetCurrentProcessId,ProcessIdToSessionId,GetForegroundWindow,GetWindowThreadProcessId,GetLastInputInfo,GetCurrentProcess,NtQueryInformationProcess,WaitForSingleObject,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,5_2_00007FF714B61BC0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_00587AAF: __EH_prolog,_wcslen,_wcslen,CreateFileW,CloseHandle,CreateDirectoryW,CreateFileW,DeviceIoControl,CloseHandle,GetLastError,RemoveDirectoryW,DeleteFileW,0_2_00587AAF
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005892C60_2_005892C6
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_00597DDC0_2_00597DDC
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005950110_2_00595011
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005982530_2_00598253
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005902F70_2_005902F7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005952820_2_00595282
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A62A80_2_005A62A8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005913FD0_2_005913FD
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059742E0_2_0059742E
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A64D70_2_005A64D7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005955B00_2_005955B0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005AE6000_2_005AE600
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005907A70_2_005907A7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058D8330_2_0058D833
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005988AF0_2_005988AF
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058395A0_2_0058395A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_00584A8E0_2_00584A8E
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005AEAAE0_2_005AEAAE
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005B2BB40_2_005B2BB4
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058FCCC0_2_0058FCCC
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_00582EB60_2_00582EB6
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38EE504_2_00007FF61D38EE50
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38FEF04_2_00007FF61D38FEF0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A1D904_2_00007FF61D3A1D90
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A7E204_2_00007FF61D3A7E20
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38B0504_2_00007FF61D38B050
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A7F404_2_00007FF61D3A7F40
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D386F5A4_2_00007FF61D386F5A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A0FC04_2_00007FF61D3A0FC0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38EA904_2_00007FF61D38EA90
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A8A104_2_00007FF61D3A8A10
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D386C904_2_00007FF61D386C90
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39255A4_2_00007FF61D39255A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3907904_2_00007FF61D390790
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38D8104_2_00007FF61D38D810
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A84804_2_00007FF61D3A8480
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A04C04_2_00007FF61D3A04C0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3B7E844_2_00007FF61D3B7E84
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CE8B4_2_00007FF61D39CE8B
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CEAB4_2_00007FF61D39CEAB
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A9E404_2_00007FF61D3A9E40
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CE5B4_2_00007FF61D39CE5B
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CE734_2_00007FF61D39CE73
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CEE84_2_00007FF61D39CEE8
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3B6E244_2_00007FF61D3B6E24
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39CE314_2_00007FF61D39CE31
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A6DF04_2_00007FF61D3A6DF0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3BE0A84_2_00007FF61D3BE0A8
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C3FA04_2_00007FF61D3C3FA0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3B70104_2_00007FF61D3B7010
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C6A944_2_00007FF61D3C6A94
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C0AD44_2_00007FF61D3C0AD4
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C29484_2_00007FF61D3C2948
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3B6C384_2_00007FF61D3B6C38
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3ACC704_2_00007FF61D3ACC70
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AC6904_2_00007FF61D3AC690
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A45904_2_00007FF61D3A4590
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3BE5A04_2_00007FF61D3BE5A0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A55404_2_00007FF61D3A5540
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C88984_2_00007FF61D3C8898
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C39204_2_00007FF61D3C3920
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D39748D4_2_00007FF61D39748D
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AB4404_2_00007FF61D3AB440
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C34704_2_00007FF61D3C3470
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C04C04_2_00007FF61D3C04C0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C633C4_2_00007FF61D3C633C
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B621F05_2_00007FF714B621F0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6CE045_2_00007FF714B6CE04
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B74E0C5_2_00007FF714B74E0C
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6BDAC5_2_00007FF714B6BDAC
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6BF985_2_00007FF714B6BF98
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6F0605_2_00007FF714B6F060
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B700185_2_00007FF714B70018
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B720485_2_00007FF714B72048
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B749805_2_00007FF714B74980
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6BBC05_2_00007FF714B6BBC0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B793785_2_00007FF714B79378
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B70B485_2_00007FF714B70B48
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B704C85_2_00007FF714B704C8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88ED306_2_00007FF72D88ED30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8861006_2_00007FF72D886100
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88E0106_2_00007FF72D88E010
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D819AA06_2_00007FF72D819AA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87FB406_2_00007FF72D87FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8896206_2_00007FF72D889620
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8978E06_2_00007FF72D8978E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8A74506_2_00007FF72D8A7450
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87B3506_2_00007FF72D87B350
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D888EA06_2_00007FF72D888EA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DBEA06_2_00007FF72D8DBEA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D923EB06_2_00007FF72D923EB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868EE16_2_00007FF72D868EE1
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D89DE306_2_00007FF72D89DE30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868E316_2_00007FF72D868E31
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D876E306_2_00007FF72D876E30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D890E606_2_00007FF72D890E60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868E896_2_00007FF72D868E89
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D821E906_2_00007FF72D821E90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D884E906_2_00007FF72D884E90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8B6E806_2_00007FF72D8B6E80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8C7DB06_2_00007FF72D8C7DB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D861DB06_2_00007FF72D861DB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91CDC86_2_00007FF72D91CDC8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DDDA06_2_00007FF72D8DDDA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D925DD06_2_00007FF72D925DD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D85DDC06_2_00007FF72D85DDC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8D0DF06_2_00007FF72D8D0DF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868DD96_2_00007FF72D868DD9
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D870DE06_2_00007FF72D870DE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D896D306_2_00007FF72D896D30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81DD306_2_00007FF72D81DD30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8D9D206_2_00007FF72D8D9D20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E1D906_2_00007FF72D8E1D90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D863D906_2_00007FF72D863D90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868D816_2_00007FF72D868D81
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81B0A06_2_00007FF72D81B0A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D89E0D06_2_00007FF72D89E0D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DD0D06_2_00007FF72D8DD0D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D85C1006_2_00007FF72D85C100
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9340406_2_00007FF72D934040
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86E04F6_2_00007FF72D86E04F
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86903E6_2_00007FF72D86903E
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8680406_2_00007FF72D868040
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DE0706_2_00007FF72D8DE070
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88C0806_2_00007FF72D88C080
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91F06C6_2_00007FF72D91F06C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D893FB06_2_00007FF72D893FB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DCFB06_2_00007FF72D8DCFB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D883FB06_2_00007FF72D883FB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D866FA06_2_00007FF72D866FA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D865FD06_2_00007FF72D865FD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91CFB46_2_00007FF72D91CFB4
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868FE96_2_00007FF72D868FE9
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D83AFF06_2_00007FF72D83AFF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868F396_2_00007FF72D868F39
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868F916_2_00007FF72D868F91
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D93DAC86_2_00007FF72D93DAC8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8EFA986_2_00007FF72D8EFA98
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D892AD06_2_00007FF72D892AD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86BAC06_2_00007FF72D86BAC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8C7AE06_2_00007FF72D8C7AE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D860AE06_2_00007FF72D860AE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E0A306_2_00007FF72D8E0A30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81CA306_2_00007FF72D81CA30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86BA636_2_00007FF72D86BA63
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8B7A806_2_00007FF72D8B7A80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9239B86_2_00007FF72D9239B8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86B9A96_2_00007FF72D86B9A9
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8439E06_2_00007FF72D8439E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D895A106_2_00007FF72D895A10
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D874A106_2_00007FF72D874A10
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86BA066_2_00007FF72D86BA06
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D864A006_2_00007FF72D864A00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88A9206_2_00007FF72D88A920
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E49206_2_00007FF72D8E4920
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86B94C6_2_00007FF72D86B94C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8CA9606_2_00007FF72D8CA960
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8999906_2_00007FF72D899990
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8BC9906_2_00007FF72D8BC990
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8ECCB06_2_00007FF72D8ECCB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8D4CF06_2_00007FF72D8D4CF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86AD136_2_00007FF72D86AD13
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D824D006_2_00007FF72D824D00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D842C206_2_00007FF72D842C20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D83BC606_2_00007FF72D83BC60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D868C606_2_00007FF72D868C60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D899C906_2_00007FF72D899C90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8C1C906_2_00007FF72D8C1C90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D92EBB86_2_00007FF72D92EBB8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D846BC06_2_00007FF72D846BC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91CBE06_2_00007FF72D91CBE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D814C006_2_00007FF72D814C00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D891B306_2_00007FF72D891B30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86BB1D6_2_00007FF72D86BB1D
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D899B706_2_00007FF72D899B70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D933B906_2_00007FF72D933B90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D85EB606_2_00007FF72D85EB60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86BB776_2_00007FF72D86BB77
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9346C06_2_00007FF72D9346C0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D89E6D06_2_00007FF72D89E6D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8406D06_2_00007FF72D8406D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D84E6D06_2_00007FF72D84E6D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86F6C06_2_00007FF72D86F6C0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8A26E06_2_00007FF72D8A26E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E47106_2_00007FF72D8E4710
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8726206_2_00007FF72D872620
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81B6606_2_00007FF72D81B660
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9326946_2_00007FF72D932694
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8136806_2_00007FF72D813680
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8215A06_2_00007FF72D8215A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87C5D06_2_00007FF72D87C5D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D84E6006_2_00007FF72D84E600
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E15406_2_00007FF72D8E1540
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81F5606_2_00007FF72D81F560
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91D5706_2_00007FF72D91D570
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D82E8A76_2_00007FF72D82E8A7
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D92E8D06_2_00007FF72D92E8D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9388A86_2_00007FF72D9388A8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86B8EF6_2_00007FF72D86B8EF
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8369106_2_00007FF72D836910
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8418306_2_00007FF72D841830
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88C8506_2_00007FF72D88C850
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9318806_2_00007FF72D931880
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D86B8926_2_00007FF72D86B892
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8578806_2_00007FF72D857880
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8698806_2_00007FF72D869880
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8767D06_2_00007FF72D8767D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8FC7BC6_2_00007FF72D8FC7BC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8387E06_2_00007FF72D8387E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88E8006_2_00007FF72D88E800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8238006_2_00007FF72D823800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8378006_2_00007FF72D837800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8718006_2_00007FF72D871800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D84A7506_2_00007FF72D84A750
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8797606_2_00007FF72D879760
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D92D2B86_2_00007FF72D92D2B8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D82E2206_2_00007FF72D82E220
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9392246_2_00007FF72D939224
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8602406_2_00007FF72D860240
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87E2656_2_00007FF72D87E265
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8242906_2_00007FF72D824290
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8E01B06_2_00007FF72D8E01B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87C1CB6_2_00007FF72D87C1CB
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91D19C6_2_00007FF72D91D19C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8821F06_2_00007FF72D8821F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8DA1506_2_00007FF72D8DA150
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D84A1506_2_00007FF72D84A150
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88B1906_2_00007FF72D88B190
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8974A06_2_00007FF72D8974A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9394A06_2_00007FF72D9394A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8914F06_2_00007FF72D8914F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91F4386_2_00007FF72D91F438
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91E4186_2_00007FF72D91E418
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D88E4906_2_00007FF72D88E490
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D82C4806_2_00007FF72D82C480
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8654806_2_00007FF72D865480
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D9293BC6_2_00007FF72D9293BC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81B3B06_2_00007FF72D81B3B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8B74106_2_00007FF72D8B7410
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91133C6_2_00007FF72D91133C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D91D3886_2_00007FF72D91D388
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87D3806_2_00007FF72D87D380
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D8A6E30 appears 100 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D885910 appears 46 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D916930 appears 48 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D8D6820 appears 38 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D9263B4 appears 34 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D816070 appears 89 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D89BE10 appears 37 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF72D89BC50 appears 45 times
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: String function: 00007FF61D3A23E0 appears 102 times
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: String function: 00007FF61D3A2850 appears 126 times
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: String function: 0059FEFC appears 42 times
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: String function: 005A07A0 appears 31 times
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: String function: 0059FFD0 appears 56 times
Source: pl_rsrc_bulgarian.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: x86 executable (TV) not stripped
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.115
Source: pl_rsrc_german.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
Source: pl_rsrc_italian.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_korean.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_russian.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
Source: pl_rsrc_slovenian.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX COFF pure executable, sections 78, created Sun Mar 29 05:32:17 1970, not stripped, version 110
Source: pl_rsrc_spanish.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
Source: pl_rsrc_korean.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_russian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_english.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_spanish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_french.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_chinese_traditional.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_german.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_polish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_japanese.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_italian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_slovenian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_finnish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_chinese.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_ptbr.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_bulgarian.dll.0.drStatic PE information: No import functions for PE file found
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008165000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevistammsc.exep( vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprocesslasso.exe< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprocesslassolauncher.exe< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenametestlasso.exe< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008114000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenametweaksch.exe> vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamequickupgrade.exe< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamethreadracer.exe8 vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
Source: classification engineClassification label: sus30.evad.winEXE@130/203@48/17
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_00587727 GetLastError,FormatMessageW,0_2_00587727
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87FB40 GetTickCount64,GetSystemInfo,GetVersionExW,MessageBoxW,SetUnhandledExceptionFilter,InitializeCriticalSection,InitializeCriticalSection,CreateEventW,CreateEventW,CoInitializeEx,CoInitializeSecurity,InitCommonControlsEx,#17,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,OpenEventW,SetEvent,CloseHandle,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,GetSystemInfo,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,CreateEventW,SetEvent,CloseHandle,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,LeaveCriticalSection,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,OpenProcess,Sleep,WaitForSingleObject,CloseHandle,FindWindowW,FindWindowW,PostMessageW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,ShellExecuteW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GdiplusStartup,CreateEventW,LoadLibraryW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SetProcessShutdownParameters,GetCommandLineW,CreateThread,WaitForSingleObject,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,MessageBoxW,ExitProcess,CreateThread,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,DialogBoxParamW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GetModuleHandleW,LoadAcceleratorsW,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,GetActiveProcessorCount,GetModuleHandleW,LoadIconW,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,ResetEvent,CreateThread,CreateThread,CreateThread,CreateThread,OpenMutexW,OpenMutexW,CloseHandle,Sleep,CreateThread,CreateThread,CreateThread,GetFileAttributesW,PostMessageW,GetMessageW,TranslateAcceleratorW,TranslateMessage,DispatchMessageW,GetMessageW,CloseHandle,CloseHandle,SetEvent,Shell_NotifyIconW,Sleep,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,GdiplusShutdown,DeleteCriticalSection,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DeleteCriticalSection,SetEvent,WaitForSingleObject,TerminateThread,RegCloseKey,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,6_2_00007FF72D87FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8EACE0 CreateToolhelp32Snapshot,Thread32First,GetCurrentProcessId,GetCurrentThreadId,OpenThread,SuspendThread,CloseHandle,Thread32Next,CloseHandle,6_2_00007FF72D8EACE0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D38EE50 CoInitializeEx,CoCreateInstance,VariantInit,VariantInit,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,CoUninitialize,SysAllocString,VariantClear,SysFreeString,SysFreeString,CoUninitialize,4_2_00007FF61D38EE50
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059B6D2 FindResourceW,SizeofResource,LoadResource,LockResource,GlobalAlloc,GlobalLock,GdipCreateHBITMAPFromBitmap,GlobalUnlock,GlobalFree,0_2_0059B6D2
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A6DF0 OpenSCManagerW,OpenServiceW,QueryServiceConfigW,GetLastError,CloseServiceHandle,CloseServiceHandle,QueryServiceConfigW,ChangeServiceConfigW,NotifyBootConfigStatus,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,4_2_00007FF61D3A6DF0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\__tmp_rar_sfx_access_check_4832296Jump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeMutant created: \Sessions\1\BaseNamedObjects\Local\{878ec006-8bb7-4487-a9d9-6ab726fdad61}
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCommand line argument: sfxname0_2_0059F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCommand line argument: sfxstime0_2_0059F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCommand line argument: p0\0_2_0059F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCommand line argument: STARTDLG0_2_0059F05C
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile read: C:\Windows\win.iniJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: ProcessLasso.exeString found in binary or memory: /stopafter=
Source: ProcessLasso.exeString found in binary or memory: /stopafter=
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe"
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(79)/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1896,i,18253400173548351382,657115916745803150,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe"
Source: unknownProcess created: C:\Users\user\Desktop\bitsumsessionagent.exe C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
Source: C:\Users\user\Desktop\PostUpdate.exeProcess created: C:\Users\user\Desktop\ProcessLasso.exe /postupdate
Source: unknownProcess created: C:\Users\user\Desktop\bitsumsessionagent.exe C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1720,i,12997719605534959893,6831416874331468599,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1992,i,4293187705668066289,15972859039918454721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1964,i,13270427420856175794,1509384985464530,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,6968930643493135927,8005255390743799941,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1896,i,7178996704446796536,16546988757165640423,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,14095325021809620615,2370060676840329805,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1960,i,15884539196100534553,13935790719083973572,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,7770318286161706758,8697429217068731838,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1980,i,14311972056982275594,10984696189209996236,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1844,i,6611676962095983694,9654412610864421321,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,3494391659014450711,15666856029738290658,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2000,i,17513695124220267583,1691441907676113592,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,5733970221364913042,4539587496349365289,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,1855896387700206653,3917910617862819512,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1996,i,6687144587041723826,9523744997039119914,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe" Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1896,i,18253400173548351382,657115916745803150,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1964,i,13270427420856175794,1509384985464530,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeProcess created: C:\Users\user\Desktop\ProcessLasso.exe /postupdateJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1720,i,12997719605534959893,6831416874331468599,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1992,i,4293187705668066289,15972859039918454721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1964,i,13270427420856175794,1509384985464530,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,6968930643493135927,8005255390743799941,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1896,i,7178996704446796536,16546988757165640423,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,14095325021809620615,2370060676840329805,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1960,i,15884539196100534553,13935790719083973572,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,7770318286161706758,8697429217068731838,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1980,i,14311972056982275594,10984696189209996236,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1844,i,6611676962095983694,9654412610864421321,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,3494391659014450711,15666856029738290658,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2000,i,17513695124220267583,1691441907676113592,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,5733970221364913042,4539587496349365289,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,1855896387700206653,3917910617862819512,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1996,i,6687144587041723826,9523744997039119914,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: <pi-ms-win-core-localization-l1-2-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: dxgidebug.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: pl_rsrc_english.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: pdh.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: dbgcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: pl_rsrc_english.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: mlang.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeFile written: C:\Users\user\AppData\Local\ProcessLasso\config\prolasso.iniJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\Desktop\ProcessLasso.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Access\Capabilities\UrlAssociationsJump to behavior
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: certificate valid
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic file information: File size 2994544 > 1048576
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_polish.pdb source: pl_rsrc_polish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb source: LogViewer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdb source: pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008165000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\testlasso.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdb source: PostUpdate.exe, 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp, PostUpdate.exe, 00000004.00000000.1691618206.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb$ source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdbi source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdbZ source: PostUpdate.exe, 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp, PostUpdate.exe, 00000004.00000000.1691618206.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdb source: Insights.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdba source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008114000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdbd source: Insights.exe.0.dr
Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdbGCTL source: pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdbJ source: LogViewer.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: c:\pl\output\ProcessLassoLauncher.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ProcessLassoLauncher.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008165000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdbGCTL source: ProcessGovernor.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb source: bitsumsessionagent.exe, 00000005.00000000.1725416053.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000005.00000002.2874427195.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000007.00000002.1757953890.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp, bitsumsessionagent.exe, 00000007.00000000.1752515463.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdbT source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdb source: ProcessGovernor.exe.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdb source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdb source: pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdbY source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008114000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007F4B000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdbGCTL source: pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb source: ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\plActivate.pdb source: plActivate.exe.0.dr
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A74E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,4_2_00007FF61D3A74E0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\__tmp_rar_sfx_access_check_4832296Jump to behavior
Source: plActivate.exe.0.drStatic PE information: real checksum: 0x4133d should be: 0x4133c
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeStatic PE information: section name: .didat
Source: ProcessLasso.exe.0.drStatic PE information: section name: _RDATA
Source: ProcessLassoLauncher.exe.0.drStatic PE information: section name: _RDATA
Source: testlasso.exe.0.drStatic PE information: section name: _RDATA
Source: ThreadRacer.exe.0.drStatic PE information: section name: _RDATA
Source: TweakScheduler.exe.0.drStatic PE information: section name: memcpy_
Source: TweakScheduler.exe.0.drStatic PE information: section name: _RDATA
Source: vistammsc.exe.0.drStatic PE information: section name: _RDATA
Source: bitsumsessionagent.exe.0.drStatic PE information: section name: _RDATA
Source: CPUEater.exe.0.drStatic PE information: section name: _RDATA
Source: Insights.exe.0.drStatic PE information: section name: _RDATA
Source: InstallHelper.exe.0.drStatic PE information: section name: _RDATA
Source: LogViewer.exe.0.drStatic PE information: section name: _RDATA
Source: plActivate.exe.0.drStatic PE information: section name: _RDATA
Source: PostUpdate.exe.0.drStatic PE information: section name: _RDATA
Source: ProcessGovernor.exe.0.drStatic PE information: section name: _RDATA
Source: QuickUpgrade.exe.Replacement.0.drStatic PE information: section name: _RDATA
Source: QuickUpgrade.exe.4.drStatic PE information: section name: _RDATA
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A07F0 push ecx; ret 0_2_005A0803
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059FEFC push eax; ret 0_2_0059FF1A
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D857910 pushfq ; retf 6_2_00007FF72D857B4D
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\testlasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_slovenian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_italian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_english.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\CPUEater.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_ptbr.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\TweakScheduler.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\vistammsc.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\ProcessLasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\ProcessGovernor.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_japanese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\Insights.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\bitsumsessionagent.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\PostUpdate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_korean.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_bulgarian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\ThreadRacer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_french.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\InstallHelper.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_polish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\LogViewer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\plActivate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_russian.dllJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_chinese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_spanish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_finnish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\pl_rsrc_german.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A6FD0 OpenSCManagerW,OpenServiceW,QueryServiceStatus,StartServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,4_2_00007FF61D3A6FD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87DEC0 IsWindowVisible,ShowWindow,IsIconic,ShowWindow,SendMessageW,ShowWindow,SetForegroundWindow,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,ShowWindow,6_2_00007FF72D87DEC0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A74E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,4_2_00007FF61D3A74E0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8EACE0 CreateToolhelp32Snapshot,Thread32First,GetCurrentProcessId,GetCurrentThreadId,OpenThread,SuspendThread,CloseHandle,Thread32Next,CloseHandle,6_2_00007FF72D8EACE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: OpenSCManagerW,EnumServicesStatusExW,GetLastError,EnumServicesStatusExW,CloseServiceHandle,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,6_2_00007FF72D8DBEA0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_slovenian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\testlasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_italian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\CPUEater.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_ptbr.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\TweakScheduler.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\vistammsc.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\ProcessGovernor.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_japanese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\Insights.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_korean.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_bulgarian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\ThreadRacer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_french.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\InstallHelper.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_polish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\LogViewer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\plActivate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_russian.dllJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeDropped PE file which has not been started: C:\Users\user\Desktop\QuickUpgrade.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_chinese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_spanish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_finnish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_german.dllJump to dropped file
Source: C:\Users\user\Desktop\ProcessLasso.exeEvasive API call chain: GetSystemTimeAsFileTime,DecisionNodes
Source: C:\Users\user\Desktop\PostUpdate.exeEvasive API call chain: GetSystemTimeAsFileTime,DecisionNodesgraph_4-32251
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI coverage: 3.0 %
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8352AA GetSystemTimeAsFileTime followed by cmp: cmp byte ptr [00007ff72d992c15h], 00000001h and CTI: jne 00007FF72D835952h6_2_00007FF72D8352AA
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058BA94 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,0_2_0058BA94
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059D420 SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SetDlgItemTextW,SendDlgItemMessageW,FindFirstFileW,_swprintf,SetDlgItemTextW,FindClose,_swprintf,SetDlgItemTextW,SendDlgItemMessageW,_swprintf,SetDlgItemTextW,_swprintf,SetDlgItemTextW,0_2_0059D420
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3C6A94 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,4_2_00007FF61D3C6A94
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B72048 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,5_2_00007FF714B72048
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8C1C90 FindFirstFileW,GetFileAttributesW,FindNextFileW,_invalid_parameter_noinfo,DeleteFileW,DeleteFileW,RemoveDirectoryW,GetFileAttributesW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,FindFirstFileW,DeleteFileW,FindNextFileW,RemoveDirectoryW,GetFileAttributesW,6_2_00007FF72D8C1C90
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059F82F VirtualQuery,GetSystemInfo,0_2_0059F82F
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmwareuser.exe>
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmtoolsd.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmware-vmx.exef
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000002.1695792756.000000000362E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000002.1695792756.000000000362E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}>
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeAPI call chain: ExitProcess graph end nodegraph_0-25644
Source: C:\Users\user\Desktop\PostUpdate.exeAPI call chain: ExitProcess graph end nodegraph_4-33318
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI call chain: ExitProcess graph end node
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI call chain: ExitProcess graph end node
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A0A0A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005A0A0A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AE5B8 InitializeCriticalSectionEx,GetLastError,IsDebuggerPresent,OutputDebugStringW,4_2_00007FF61D3AE5B8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D8EACE0 CreateToolhelp32Snapshot,Thread32First,GetCurrentProcessId,GetCurrentThreadId,OpenThread,SuspendThread,CloseHandle,Thread32Next,CloseHandle,6_2_00007FF72D8EACE0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3A74E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,4_2_00007FF61D3A74E0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A91B0 mov eax, dword ptr fs:[00000030h]0_2_005A91B0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005AD1F0 GetProcessHeap,0_2_005AD1F0
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A0A0A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005A0A0A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A0B9D SetUnhandledExceptionFilter,0_2_005A0B9D
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A0D8A SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_005A0D8A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A4FEF IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005A4FEF
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3BA02C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,4_2_00007FF61D3BA02C
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AFB2C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,4_2_00007FF61D3AFB2C
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AFD10 SetUnhandledExceptionFilter,4_2_00007FF61D3AFD10
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 4_2_00007FF61D3AF680 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,4_2_00007FF61D3AF680
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B6DD18 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FF714B6DD18
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B63E40 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,5_2_00007FF714B63E40
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B64184 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FF714B64184
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 5_2_00007FF714B64368 SetUnhandledExceptionFilter,5_2_00007FF714B64368
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87FB40 GetTickCount64,GetSystemInfo,GetVersionExW,MessageBoxW,SetUnhandledExceptionFilter,InitializeCriticalSection,InitializeCriticalSection,CreateEventW,CreateEventW,CoInitializeEx,CoInitializeSecurity,InitCommonControlsEx,#17,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,OpenEventW,SetEvent,CloseHandle,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,GetSystemInfo,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,CreateEventW,SetEvent,CloseHandle,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,LeaveCriticalSection,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,OpenProcess,Sleep,WaitForSingleObject,CloseHandle,FindWindowW,FindWindowW,PostMessageW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,ShellExecuteW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GdiplusStartup,CreateEventW,LoadLibraryW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SetProcessShutdownParameters,GetCommandLineW,CreateThread,WaitForSingleObject,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,MessageBoxW,ExitProcess,CreateThread,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,DialogBoxParamW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GetModuleHandleW,LoadAcceleratorsW,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,GetActiveProcessorCount,GetModuleHandleW,LoadIconW,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,ResetEvent,CreateThread,CreateThread,CreateThread,CreateThread,OpenMutexW,OpenMutexW,CloseHandle,Sleep,CreateThread,CreateThread,CreateThread,GetFileAttributesW,PostMessageW,GetMessageW,TranslateAcceleratorW,TranslateMessage,DispatchMessageW,GetMessageW,CloseHandle,CloseHandle,SetEvent,Shell_NotifyIconW,Sleep,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,GdiplusShutdown,DeleteCriticalSection,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DeleteCriticalSection,SetEvent,WaitForSingleObject,TerminateThread,RegCloseKey,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,6_2_00007FF72D87FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D920DF8 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,6_2_00007FF72D920DF8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D915160 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,6_2_00007FF72D915160

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\Desktop\bitsumsessionagent.exeNtQueryInformationProcess: Indirect: 0x7FF714B61EA8Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeNtQuerySystemInformation: Indirect: 0x7FF72D8E3EB1Jump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeNtQueryInformationProcess: Indirect: 0x7FF714B623A9Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D890BB0 GetModuleHandleW,GetModuleFileNameW,ShellExecuteExW,GetStartupInfoW,CreateProcessW,6_2_00007FF72D890BB0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe" Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D81FFB0 GetModuleHandleW,GetModuleFileNameW,InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateEventW,SetEvent,GetFileAttributesW,GetFileAttributesW,CreateFileW,Sleep,CloseHandle,6_2_00007FF72D81FFB0
Source: SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drBinary or memory string: tooltips_class32TweakScheduler v1.04System\CurrentControlSet\Control\PriorityControlWin32PrioritySeparationSeShutdownPrivilegehttps://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARE\%sInstallerLanguageLanguageSoftware\Bitsum%s\%s'''"""\,,Software\Microsoft\Windows\CurrentVersion\Run\processlasso.exe."%s" %d-%d%d;/%d/()allSYSTEM\CurrentControlSet\ServicesSYSTEM\CurrentControlSet\Services\DisplayNameImagePathObjectNameStartrunas"%s" "%s" "%s"SilentUpdate"%s"%s%sGlobal\TermSrvReadyEventTermServicesvchost.exe-k-Ksvchost.exe (%s)rundll32.exerundll32rundll32.exe (%s)%d:%02d:%02d.%03d"%s" %sCreateProcessWithTokenWadvapi32Progmanhttps\shell\open\command"%1"%1%s "%s"iexplore.exeprolasso.iniprosuper.iniprolasso.ini2ERROR: There was an error cleaning up the global path of Process Lasso's configuration file..portableservices.ex%s\ProcessLasso.exe%s\ProcessGovernor.exeSoftware\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted*systemlocal servicenetwork service\QuickUpgrade.exe.Replacement\ProcessLasso\pl4sfx.exe\pl4sfx_server.exe\pl_rsrc_temp.dll\pl_debug.logadvapi32.dllConvertStringSidToSidWS-1-16-1024PLError 1Error 2GUIStartCoreStartParkControlInstalledSanity check blockprocesslasso.exeInstall_Dirprobalance.exeSoftware\CPUBalancecpubalance\probalance.exeprocessgovernor.exeprocess lasso%s\%s\%s
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_005A0826 cpuid 0_2_005A0826
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: GetLocaleInfoW,GetNumberFormatW,0_2_0059C093
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,6_2_00007FF72D93D0AC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoW,6_2_00007FF72D935FC4
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,6_2_00007FF72D93CFDC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,6_2_00007FF72D935A28
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: TranslateName,TranslateName,GetACP,IsValidCodePage,GetLocaleInfoW,6_2_00007FF72D93CC90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,GetUserDefaultLCID,ProcessCodePage,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,6_2_00007FF72D93D6C4
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoEx,6_2_00007FF72D914864
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,6_2_00007FF72D93D4E8
Source: C:\Users\user\Desktop\PostUpdate.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0059F05C GetCommandLineW,OpenFileMappingW,MapViewOfFile,UnmapViewOfFile,CloseHandle,GetModuleFileNameW,SetEnvironmentVariableW,GetLocalTime,_swprintf,SetEnvironmentVariableW,GetModuleHandleW,LoadIconW,DialogBoxParamW,Sleep,DeleteObject,DeleteObject,CloseHandle,0_2_0059F05C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D87C5D0 InitializeCriticalSection,GetCurrentThread,SetThreadPriority,GetCurrentThread,SetThreadPriorityBoost,Sleep,GetUserNameW,OpenProcess,WaitForMultipleObjects,CloseHandle,ExitThread,PostMessageW,CloseHandle,OpenMutexW,OpenMutexW,PostMessageW,CloseHandle,Sleep,EnterCriticalSection,LeaveCriticalSection,DeleteCriticalSection,SysFreeString,Sleep,WaitForSingleObject,GetCommandLineW,CreateEventW,OpenEventW,WaitForMultipleObjects,CloseHandle,CloseHandle,PostMessageW,6_2_00007FF72D87C5D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 6_2_00007FF72D939224 _get_daylight,_get_daylight,_get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,6_2_00007FF72D939224
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exeCode function: 0_2_0058C365 GetVersionExW,0_2_0058C365
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cmdagent.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cfp.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsgk32.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: msmpeng.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avkservice.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: mcshield.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: rtvscan.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsav32.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashwebsv.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsdfwd.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vsmon.exe
Source: ProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashmaisv.exe

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
Native API		1
DLL Side-Loading		1
Exploitation for Privilege Escalation		1
Deobfuscate/Decode Files or Information		11
Input Capture		12
System Time Discovery		Remote Services1
Archive Collected Data		2
Ingress Tool Transfer		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts3
Command and Scripting Interpreter		1
DLL Search Order Hijacking		1
Abuse Elevation Control Mechanism		1
Abuse Elevation Control Mechanism		LSASS Memory1
Account Discovery		Remote Desktop Protocol11
Input Capture		11
Encrypted Channel		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain Accounts1
Scheduled Task/Job		1
Windows Service		1
DLL Side-Loading		2
Obfuscated Files or Information		Security Account Manager1
System Service Discovery		SMB/Windows Admin Shares2
Clipboard Data		3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal Accounts2
Service Execution		1
Scheduled Task/Job		1
DLL Search Order Hijacking		1
Software Packing		NTDS3
File and Directory Discovery		Distributed Component Object ModelInput Capture4
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script1
Access Token Manipulation		1
DLL Side-Loading		LSA Secrets35
System Information Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
Windows Service		1
DLL Search Order Hijacking		Cached Domain Credentials51
Security Software Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items12
Process Injection		11
Masquerading		DCSync2
Process Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/Job1
Scheduled Task/Job		1
Access Token Manipulation		Proc Filesystem1
Application Window Discovery		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt12
Process Injection		/etc/passwd and /etc/shadow1
System Owner/User Discovery		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCronDynamic API ResolutionNetwork Sniffing1
Remote System Discovery		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1432432 Sample: SecuriteInfo.com.Trojan.Mul... Startdate: 27/04/2024 Architecture: WINDOWS Score: 30 8 SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe 37 2->8         started        11 bitsumsessionagent.exe 2->11         started        14 chrome.exe 1 2->14         started        17 bitsumsessionagent.exe 2->17         started        dnsIp3 52 C:\Users\user\...\bitsumsessionagent.exe, PE32+ 8->52 dropped 54 C:\Users\user\Desktop\ProcessLasso.exe, PE32+ 8->54 dropped 56 C:\Users\user\Desktop\vistammsc.exe, PE32+ 8->56 dropped 58 27 other files (none is malicious) 8->58 dropped 19 PostUpdate.exe 21 53 8->19         started        72 Found direct / indirect Syscall (likely to bypass EDR) 11->72 66 192.168.2.4 unknown unknown 14->66 68 239.255.255.250 unknown Reserved 14->68 22 chrome.exe 14->22         started        file4 signatures5 process6 dnsIp7 50 C:\Users\user\Desktop\QuickUpgrade.exe, PE32+ 19->50 dropped 25 ProcessLasso.exe 1 34 19->25         started        60 dexeqbeb7giwr.cloudfront.net 18.164.116.33 MIT-GATEWAYSUS United States 22->60 62 stripe.com 198.137.150.141 LEVEL3US United States 22->62 64 20 other IPs or domains 22->64 file8 process9 signatures10 70 Found direct / indirect Syscall (likely to bypass EDR) 25->70 28 chrome.exe 25->28         started        30 chrome.exe 25->30         started        32 chrome.exe 25->32         started        34 12 other processes 25->34 process11 process12 36 chrome.exe 28->36         started        38 chrome.exe 30->38         started        40 chrome.exe 32->40         started        42 chrome.exe 34->42         started        44 chrome.exe 34->44         started        46 chrome.exe 34->46         started        48 9 other processes 34->48

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe5%ReversingLabs
SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe2%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Desktop\CPUEater.exe0%ReversingLabs
C:\Users\user\Desktop\CPUEater.exe0%VirustotalBrowse
C:\Users\user\Desktop\Insights.exe0%ReversingLabs
C:\Users\user\Desktop\Insights.exe0%VirustotalBrowse
C:\Users\user\Desktop\InstallHelper.exe0%ReversingLabs
C:\Users\user\Desktop\InstallHelper.exe0%VirustotalBrowse
C:\Users\user\Desktop\LogViewer.exe0%ReversingLabs
C:\Users\user\Desktop\LogViewer.exe0%VirustotalBrowse
C:\Users\user\Desktop\PostUpdate.exe0%ReversingLabs
C:\Users\user\Desktop\PostUpdate.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessGovernor.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessGovernor.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessLasso.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessLasso.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessLassoLauncher.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessLassoLauncher.exe0%VirustotalBrowse
C:\Users\user\Desktop\QuickUpgrade.exe0%ReversingLabs
C:\Users\user\Desktop\QuickUpgrade.exe0%VirustotalBrowse
C:\Users\user\Desktop\QuickUpgrade.exe.Replacement0%ReversingLabs
C:\Users\user\Desktop\QuickUpgrade.exe.Replacement0%VirustotalBrowse
C:\Users\user\Desktop\ThreadRacer.exe0%ReversingLabs
C:\Users\user\Desktop\ThreadRacer.exe0%VirustotalBrowse
C:\Users\user\Desktop\TweakScheduler.exe0%ReversingLabs
C:\Users\user\Desktop\TweakScheduler.exe0%VirustotalBrowse
C:\Users\user\Desktop\bitsumsessionagent.exe0%ReversingLabs
C:\Users\user\Desktop\bitsumsessionagent.exe0%VirustotalBrowse
C:\Users\user\Desktop\plActivate.exe0%ReversingLabs
C:\Users\user\Desktop\plActivate.exe0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_bulgarian.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_bulgarian.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_chinese.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_chinese.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_english.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_english.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_finnish.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_finnish.dll0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
stripecdn.map.fastly.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b30%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5e0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff20%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.css0%URL Reputationsafe
http://daneden.me/animate0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css0%URL Reputationsafe
https://bitsum.com.0%Avira URL Cloudsafe
https://bitsum.com30%Avira URL Cloudsafe
https://bitsum.com50%Avira URL Cloudsafe
http://getbootstrap.com)0%Avira URL Cloudsafe
https://wpbakery.com)0%Avira URL Cloudsafe
https://bitsum.com.0%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
stats.wp.com
192.0.76.3
truefalse
    		high
    google.com
    		142.250.80.46
    		truefalse
      		high
      a.nel.cloudflare.com
      		35.190.80.1
      		truefalse
        		high
        stripecdn.map.fastly.net
        		151.101.192.176
        		truefalseunknown
        stats.g.doubleclick.net
        		142.251.16.156
        		truefalse
          		high
          bitsum.com
          		104.26.5.102
          		truefalse
            		high
            analytics-alv.google.com
            		216.239.34.181
            		truefalse
              		high
              pixel.wp.com
              		192.0.76.3
              		truefalse
                		high
                m.stripe.com
                		44.240.201.86
                		truefalse
                  		high
                  dexeqbeb7giwr.cloudfront.net
                  		18.164.116.33
                  		truefalse
                    		high
                    stripe.com
                    		198.137.150.141
                    		truefalse
                      		high
                      www.google.com
                      		142.251.40.228
                      		truefalse
                        		high
                        lb.wordpress.com
                        		192.0.78.12
                        		truefalse
                          		high
                          m.stripe.network
                          		unknown
                          		unknownfalse
                            		high
                            analytics.google.com
                            		unknown
                            		unknownfalse
                              		high
                              js.stripe.com
                              		unknown
                              		unknownfalse
                                		high
                                v0.wordpress.com
                                		unknown
                                		unknownfalse
                                  		high

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178139063&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_et=248&tfd=2747false
                                    		high
                                    https://bitsum.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0false
                                      		high
                                      https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178167090&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2596false
                                        		high
                                        https://bitsum.com/wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1false
                                          		high
                                          https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1337false
                                            		high
                                            https://m.stripe.network/inner.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falsefalse
                                              		high
                                              https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=3152false
                                                		high
                                                https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_et=3450&tfd=11765false
                                                  		high
                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178181863&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tfd=3194false
                                                    		high
                                                    https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178195136&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2555false
                                                      		high
                                                      https://bitsum.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7false
                                                        		high
                                                        https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178160693&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tfd=3142false
                                                          		high
                                                          https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tfd=2301false
                                                            		high
                                                            https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=9768false
                                                              		high
                                                              https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178152977&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=9393false
                                                                		high
                                                                https://bitsum.com/wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0false
                                                                  		high
                                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178207933&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2183false
                                                                    		high
                                                                    https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107false
                                                                      		high
                                                                      https://bitsum.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17false
                                                                        		high
                                                                        https://bitsum.com/wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3false
                                                                          		high
                                                                          https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537false
                                                                            		high
                                                                            https://bitsum.com/js/anchor-offset.js?ver=2false
                                                                              		high
                                                                              https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028false
                                                                                		high
                                                                                https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757false
                                                                                  		high
                                                                                  https://bitsum.com/wp-content/themes/meminz/js/custom.js?ver=20231102false
                                                                                    		high
                                                                                    https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=5&tfd=8383false
                                                                                      		high
                                                                                      https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482false
                                                                                        		high
                                                                                        https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178200995&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=8910false
                                                                                          		high
                                                                                          https://bitsum.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6false
                                                                                            		high
                                                                                            https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6false
                                                                                              		high
                                                                                              https://a.nel.cloudflare.com/report/v4?s=Juoae9xuv73uYDRAykdVqLksFMY0tv36o0qR022mZg3AWn8AsFejUkr%2FpPGRyMPxEu2CwZmndYF9p%2F0QR2kktlLaePpycMJb1XxGt3xG9ryMmoH93M2oeBkPEuc%3Dfalse
                                                                                                		high
                                                                                                https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877false
                                                                                                  		high
                                                                                                  https://bitsum.com/wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2false
                                                                                                    		high
                                                                                                    https://bitsum.com/wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3false
                                                                                                      		high

                                                                                                      URLs from Memory and Binaries

                                                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.csschromecache_214.3.drfalse
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://www.youtube.com/watch?v=GnSlQz-14JYchromecache_214.3.drfalse
                                                                                                        		high
                                                                                                        https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b3chromecache_214.3.drfalse
                                                                                                        • URL Reputation: safe
                                                                                                        		unknown
                                                                                                        https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.csschromecache_214.3.drfalse
                                                                                                        • URL Reputation: safe
                                                                                                        		unknown
                                                                                                        https://bitsum.com/support.SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drfalse
                                                                                                          		high
                                                                                                          https://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARESecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008075000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drfalse
                                                                                                            		high
                                                                                                            https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.csschromecache_214.3.drfalse
                                                                                                            • URL Reputation: safe
                                                                                                            		unknown
                                                                                                            https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.csschromecache_214.3.drfalse
                                                                                                            • URL Reputation: safe
                                                                                                            		unknown
                                                                                                            https://activate.bitsum.com/?ProcessSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.4.dr, QuickUpgrade.exe.Replacement.0.dr, plActivate.exe.0.drfalse
                                                                                                              		high
                                                                                                              https://assets.ctfassets.net/fzn2n1nzq965/01hMKr6nEEGVfOuhsaMIXQ/c424849423b5f036a8892afa09ac38c7/fachromecache_214.3.drfalse
                                                                                                                		high
                                                                                                                https://bitsum.com5SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.csschromecache_214.3.drfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown
                                                                                                                https://wpbakery.com)chromecache_250.3.drfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		low
                                                                                                                https://stripe.com/iechromecache_214.3.drfalse
                                                                                                                  		high
                                                                                                                  http://getbootstrap.com)chromecache_219.3.dr, chromecache_246.3.drfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		low
                                                                                                                  https://bitsum.com/3CurrentSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.dr, pl_rsrc_japanese.dll.0.drfalse
                                                                                                                    		high
                                                                                                                    https://bitsum.com3SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.csschromecache_214.3.drfalse
                                                                                                                    • URL Reputation: safe
                                                                                                                    • URL Reputation: safe
                                                                                                                    		unknown
                                                                                                                    https://bitsum.com/pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                      		high
                                                                                                                      https://bitsum.com.SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                      • 0%, Virustotal, Browse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5echromecache_214.3.drfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.csschromecache_214.3.drfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://www.google.com/search?q=%sopenProcessSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                        		high
                                                                                                                        https://bitsum.com/keep-running-gaas-infoProcessLasso.exefalse
                                                                                                                          		high
                                                                                                                          https://stripe.com/docs/paymentschromecache_214.3.drfalse
                                                                                                                            		high
                                                                                                                            https://stripe.com/inchromecache_214.3.drfalse
                                                                                                                              		high
                                                                                                                              https://bitsum.com/step1/ProcessLasso.exefalse
                                                                                                                                		high
                                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2chromecache_214.3.drfalse
                                                                                                                                • URL Reputation: safe
                                                                                                                                		unknown
                                                                                                                                https://images.ctfassets.net/fzn2n1nzq965/5F0uhf7cRg9vhR6NmgWzzI/664e14ddebb91375f89f8dcc75242dc0/hochromecache_214.3.drfalse
                                                                                                                                  		high
                                                                                                                                  https://bitsum.com/minidumps/ProcessLasso.exefalse
                                                                                                                                    		high
                                                                                                                                    https://stripe.com/docs/connectorschromecache_214.3.drfalse
                                                                                                                                      		high
                                                                                                                                      https://stripe.com/itchromecache_214.3.drfalse
                                                                                                                                        		high
                                                                                                                                        https://bitsum.compl_rsrc_german.dll.0.drfalse
                                                                                                                                          		high
                                                                                                                                          https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1JTProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://bitsum.com/processlasso-docs/#processmatchhttps://activate.bitsum.com/check.phpCHECK_OKarbgcInsights.exe.0.drfalse
                                                                                                                                              		high
                                                                                                                                              https://bitsum.com/processlasso/?inproduct;ThereSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_english.dll.0.drfalse
                                                                                                                                                		high
                                                                                                                                                https://images.ctfassets.netchromecache_214.3.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://bitsum.com/processlasso/purchase/commercial/?inproduct1https://bitsum.com/processlasso/serveSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009240000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000086C8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1IaProcessLasso.exe, 00000006.00000002.2874436459.0000021EFA2FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://stripe.com/#organizationchromecache_214.3.drfalse
                                                                                                                                                        		high
                                                                                                                                                        https://bitsum.com/processlasso-docs/#processmatch;SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                                                          		high
                                                                                                                                                          https://stripe.com/jpchromecache_214.3.drfalse
                                                                                                                                                            		high
                                                                                                                                                            https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.csschromecache_214.3.drfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://dashboard.stripe.com/chromecache_214.3.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://www.google.com/search?q=%sProcessLasso.exefalse
                                                                                                                                                                		high
                                                                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.csschromecache_214.3.drfalse
                                                                                                                                                                • URL Reputation: safe
                                                                                                                                                                		unknown
                                                                                                                                                                https://bitsum.com/support/?inproductSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008BAF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008DA5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000089C5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007CDF000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000009054000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007BAE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.000000000825C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000008897000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000079C6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.00000000084FE000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000004.00000002.1726519743.00000226263CF000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000006.00000002.2874987851.0000021EFC24F000.00000002.00000001.01000000.0000000D.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, pl_rsrc_russian.dll.0.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://update.bitsum.com/userservices/versioninfo.php&Platform=&Registered=&vnew=1?ProductName=&manSecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, 00000000.00000003.1671915899.0000000007E4C000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000006.00000002.2875696270.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe, 00000006.00000000.1725605676.00007FF72D950000.00000002.00000001.01000000.0000000F.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.csschromecache_214.3.drfalse
                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://stripe.com/sv-fichromecache_214.3.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://support.stripe.com/?referrerLocale=en-uschromecache_214.3.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.csschromecache_214.3.drfalse
                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.csschromecache_214.3.drfalse
                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://bitsum.com/1Apl_rsrc_ptbr.dll.0.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://fontawesome.com/license/freechromecache_271.3.dr, chromecache_266.3.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://images.ctfassets.net/fzn2n1nzq965/6iLtU8qBUtE42tshpmZxY2/ac5b7b7a181524237b942e43620fceef/chchromecache_214.3.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://daneden.me/animatechromecache_246.3.drfalse
                                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                                              		unknown
                                                                                                                                                                              https://bitsum.com/get-process-lasso-server-edition/https://activate.bitsum.com/?ProcessInsights.exe.0.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.csschromecache_214.3.drfalse
                                                                                                                                                                                • URL Reputation: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://stripe.com/dechromecache_214.3.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://bitsum.com/processlasso/?inproductpl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://stripe.com/docs/apichromecache_214.3.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.csschromecache_214.3.drfalse
                                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://bitsum.com/get-process-lasso-server-edition/ProcessLasso.exefalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.csschromecache_214.3.drfalse
                                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        https://bitsum.com/processlasso-docs/#processmatchProcessLasso.exefalse
                                                                                                                                                                                          		high

                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                          Public IPs

                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                          151.101.0.176
                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                          		54113FASTLYUSfalse
                                                                                                                                                                                          216.239.34.181
                                                                                                                                                                                          		analytics-alv.google.comUnited States
                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                          142.251.40.228
                                                                                                                                                                                          		www.google.comUnited States
                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                          104.26.5.102
                                                                                                                                                                                          		bitsum.comUnited States
                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                          142.251.16.156
                                                                                                                                                                                          		stats.g.doubleclick.netUnited States
                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                          216.239.38.181
                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                          198.137.150.141
                                                                                                                                                                                          		stripe.comUnited States
                                                                                                                                                                                          		3356LEVEL3USfalse
                                                                                                                                                                                          35.190.80.1
                                                                                                                                                                                          		a.nel.cloudflare.comUnited States
                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                          44.238.18.217
                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                          192.0.76.3
                                                                                                                                                                                          		stats.wp.comUnited States
                                                                                                                                                                                          		2635AUTOMATTICUSfalse
                                                                                                                                                                                          44.240.201.86
                                                                                                                                                                                          		m.stripe.comUnited States
                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                          44.237.125.219
                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                          		unknownunknownfalse
                                                                                                                                                                                          18.164.116.33
                                                                                                                                                                                          		dexeqbeb7giwr.cloudfront.netUnited States
                                                                                                                                                                                          		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                          198.202.176.81
                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                          		22182AS22182USfalse
                                                                                                                                                                                          151.101.192.176
                                                                                                                                                                                          		stripecdn.map.fastly.netUnited States
                                                                                                                                                                                          		54113FASTLYUSfalse

                                                                                                                                                                                          Private

                                                                                                                                                                                          IP
                                                                                                                                                                                          192.168.2.4

                                                                                                                                                                                          General Information

                                                                                                                                                                                          Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                          Analysis ID:1432432
                                                                                                                                                                                          Start date and time:2024-04-27 02:34:05 +02:00
                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                          Overall analysis duration:0h 9m 10s
                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                          Report type:full
                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                          Number of analysed new started processes analysed:43
                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                          Technologies:
                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                          Sample name:SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                          Detection:SUS
                                                                                                                                                                                          Classification:sus30.evad.winEXE@130/203@48/17
                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                          • Successful, ratio: 97%
                                                                                                                                                                                          • Number of executed functions: 185
                                                                                                                                                                                          • Number of non-executed functions: 150
                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                                          Warnings

                                                                                                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 142.251.40.163, 142.251.40.238, 172.253.62.84, 34.104.35.123, 23.204.152.150, 199.232.214.172, 192.229.211.108, 142.251.40.200, 172.217.165.138, 142.250.80.3, 142.250.80.74, 142.250.65.234, 142.251.41.10, 142.251.35.170, 142.250.64.74, 142.251.40.106, 142.250.80.106, 142.250.64.106, 142.251.40.138, 142.251.32.106, 142.250.72.106, 142.250.81.234, 142.251.40.202, 142.251.40.170, 142.250.176.202, 142.250.80.42, 142.251.40.131, 142.251.40.174, 142.250.80.35
                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, www.googletagmanager.com, update.googleapis.com, clients.l.google.com
                                                                                                                                                                                          • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                                                          Simulations

                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                          01:35:04Task SchedulerRun new task: Session agent for Process Lasso path: "C:\Users\user\Desktop\bitsumsessionagent.exe" s>----------------------------------------------------------------
                                                                                                                                                                                          02:35:01API Interceptor1x Sleep call for process: bitsumsessionagent.exe modified

                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                          IPs

                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                          198.137.150.141https://www.theviolenceproject.org/mass-shooter-database/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                            http://yg5sjx5kzy.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              SecuriteInfo.com.Win32.CoinminerX-gen.29269.21386.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                https://www.leadershipsa.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                  http://linqn0gjvxlx0uvrsd91.rj8lmpy.ruGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                    http://allchgo.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                      151.101.0.176http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                        http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                          https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                            https://www.ticketlike.fun/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                              https://watsonpropertyllc.formstack.com/forms/staffGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                https://kristie-mancell-s-school.teachable.com/p/centerforfamilylifeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                  https://hatdotgov.freewebhostmost.com/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                    https://preview.webflow.com/preview/2024-project?utm_medium=preview_link&utm_source=designer&utm_content=2024-project&preview=2bf57169f6b59ecf9c01ab696f7c3560&workflow=previewGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                      https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                        https://en.dv-tube.com/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                          192.0.76.3http://timelessbeautylessons.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&blog=186869850&post=0&tz=0&srv=timelessbeautylessons.com&j=1%3A13.0&host=timelessbeautylessons.com&ref=&fcp=937&rand=0.645624121504794
                                                                                                                                                                                                                          http://enricolevatoblog.altervista.org/usare-antenna-bluetooth-esterna-con-smartphone-android/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&blog=114565633&post=440&tz=2&srv=enricolevatoblog.altervista.org&j=1%3A12.0&host=enricolevatoblog.altervista.org&ref=http%3A%2F%2Fenricolevatoblog.altervista.org%2Fusare-antenna-bluetooth-esterna-con-smartphone-android%2F&fcp=1788&rand=0.7989966127891737
                                                                                                                                                                                                                          http://ban-mww.com/portfolio/ban/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189127104&post=0&tz=0&srv=ban-mww.com&host=ban-mww.com&ref=&fcp=2938&rand=0.9300317406887679
                                                                                                                                                                                                                          http://turnsocial.comGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&j=1%3A7.1.3&blog=41183604&post=0&tz=-8&srv=blog.turnsocial.com&host=blog.turnsocial.com&ref=&fcp=3625&rand=0.05521970713170532
                                                                                                                                                                                                                          http://jutheplumber.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=189499576&post=31&tz=0&srv=jutheplumber.com&host=jutheplumber.com&ref=&fcp=1600&rand=0.11354291871956579
                                                                                                                                                                                                                          http://pitcrit.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • pixel.wp.com/g.gif?v=ext&j=1%3A5.3.2&blog=83440177&post=10415&tz=-4&srv=pitcrit.com&host=pitcrit.com&ref=&fcp=3794&rand=0.8765807685424083
                                                                                                                                                                                                                          44.237.125.219http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                              http://outlookaccount.rf.gd/?i=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                https://kristie-mancell-s-school.teachable.com/p/centerforfamilylifeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                  https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    https://en.dv-tube.com/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                      44.238.18.217https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                        Domains

                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                        stats.wp.comhttps://stake.libertariancounterpoint.com/+6N67YCBGYSfgUDfzZBWz4mBQM+X0RyGi80NjJ/FF4eJwViQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://ytw.aay.mybluehost.me/gre/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://www.hegemann-reiners.de/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://www.heritageconsultants.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://www.idofea.org/idea-std-1010-inspection-standardGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://sanmarinoweekly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://sanmarinoweekly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://lk-wellness.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/?utm_source=tldrinfosecGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        pixel.wp.comhttps://stake.libertariancounterpoint.com/+6N67YCBGYSfgUDfzZBWz4mBQM+X0RyGi80NjJ/FF4eJwViQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://ytw.aay.mybluehost.me/gre/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://www.hegemann-reiners.de/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://www.heritageconsultants.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://www.idofea.org/idea-std-1010-inspection-standardGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://sanmarinoweekly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://sanmarinoweekly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/?utm_source=tldrinfosecGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        https://pridedecor.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        google.comTNQTc6Qmkg.exeGet hashmaliciousMars Stealer, RedLine, SectopRAT, Stealc, VidarBrowse
                                                                                                                                                                                                                                        • 142.251.32.100
                                                                                                                                                                                                                                        https://thehitchhouse.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 142.251.41.4
                                                                                                                                                                                                                                        https://friwin2.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                        • 142.251.41.4
                                                                                                                                                                                                                                        https://pub-12c79d09670f4464af9de32e4799a256.r2.dev/12345.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 142.250.80.100
                                                                                                                                                                                                                                        https://ai7wzovlc.duckdns.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.40.228
                                                                                                                                                                                                                                        https://svuch3d.duckdns.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.32.100
                                                                                                                                                                                                                                        https://6mw23o.duckdns.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.40.196
                                                                                                                                                                                                                                        https://rlx10ld2n.duckdns.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.40.196
                                                                                                                                                                                                                                        https://htceram.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.40.196
                                                                                                                                                                                                                                        https://ixkv5pf.duckdns.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 142.251.40.100
                                                                                                                                                                                                                                        stripecdn.map.fastly.nethttp://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.0.176
                                                                                                                                                                                                                                        http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.0.176
                                                                                                                                                                                                                                        https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.64.176
                                                                                                                                                                                                                                        https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                        • 151.101.0.176
                                                                                                                                                                                                                                        https://www.ticketlike.fun/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.192.176
                                                                                                                                                                                                                                        http://outlookaccount.rf.gd/?i=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.192.176
                                                                                                                                                                                                                                        https://watsonpropertyllc.formstack.com/forms/staffGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.0.176
                                                                                                                                                                                                                                        http://ranchpools.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.128.176
                                                                                                                                                                                                                                        https://templett.com/design/v2/demo/TidyLady19/183741#Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.192.176
                                                                                                                                                                                                                                        https://kristie-mancell-s-school.teachable.com/p/centerforfamilylifeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.128.176
                                                                                                                                                                                                                                        m.stripe.comhttp://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.125.219
                                                                                                                                                                                                                                        http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.49.162
                                                                                                                                                                                                                                        https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.49.162
                                                                                                                                                                                                                                        https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                        • 54.213.45.60
                                                                                                                                                                                                                                        https://www.ticketlike.fun/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.131.121
                                                                                                                                                                                                                                        http://outlookaccount.rf.gd/?i=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.125.219
                                                                                                                                                                                                                                        https://watsonpropertyllc.formstack.com/forms/staffGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.240.235.135
                                                                                                                                                                                                                                        http://ranchpools.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 54.68.143.41
                                                                                                                                                                                                                                        https://templett.com/design/v2/demo/TidyLady19/183741#Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.239.191.39
                                                                                                                                                                                                                                        https://kristie-mancell-s-school.teachable.com/p/centerforfamilylifeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 44.237.49.162

                                                                                                                                                                                                                                        ASNs

                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                        AMAZON-02USRDFchOT4i0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 13.59.156.167
                                                                                                                                                                                                                                        DnauGgOFTX.elfGet hashmaliciousMoobot, OkiruBrowse
                                                                                                                                                                                                                                        • 34.254.182.186
                                                                                                                                                                                                                                        https://www.steampowered.solutions/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 54.76.79.16
                                                                                                                                                                                                                                        https://verfolgung-lieferung.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 13.225.214.56
                                                                                                                                                                                                                                        https://wall.page/jcw7sZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 35.179.36.99
                                                                                                                                                                                                                                        PsoriasisGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 54.70.175.13
                                                                                                                                                                                                                                        4NnBaAMXoc.elfGet hashmaliciousMirai, Moobot, OkiruBrowse
                                                                                                                                                                                                                                        • 35.152.84.43
                                                                                                                                                                                                                                        sQSqM58mvl.elfGet hashmaliciousMirai, Moobot, OkiruBrowse
                                                                                                                                                                                                                                        • 34.247.74.11
                                                                                                                                                                                                                                        https://palmettoanimalclinic.aweb.page/p/0ac693e3-6f85-4fd6-86d7-f770e6e73d32Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 52.217.194.240
                                                                                                                                                                                                                                        https://rise.articulate.com/share/zO8B8EFq4bxdit8kVRcUzBOZMbkl1WSz#/lessons/2GyyR-D75sLlZcXDanN5dOaLxSSkgNvoGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 108.156.83.19
                                                                                                                                                                                                                                        LEVEL3USsQSqM58mvl.elfGet hashmaliciousMirai, Moobot, OkiruBrowse
                                                                                                                                                                                                                                        • 4.217.42.199
                                                                                                                                                                                                                                        http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 198.137.150.201
                                                                                                                                                                                                                                        http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 198.137.150.201
                                                                                                                                                                                                                                        0tfJECfbEP.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 8.91.130.151
                                                                                                                                                                                                                                        WwKYOW4jIg.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 4.17.92.38
                                                                                                                                                                                                                                        tw7rloKDkG.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 4.98.147.136
                                                                                                                                                                                                                                        ZcOjro0Chh.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 9.232.1.11
                                                                                                                                                                                                                                        8dToMPcvO1.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 9.227.77.91
                                                                                                                                                                                                                                        5RiFmXTOMp.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 4.22.71.9
                                                                                                                                                                                                                                        sBgS8t0K7i.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                        • 9.214.202.126
                                                                                                                                                                                                                                        FASTLYUShttps://thehitchhouse.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 151.101.2.137
                                                                                                                                                                                                                                        https://friwin2.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                        • 151.101.1.229
                                                                                                                                                                                                                                        https://wall.page/jcw7sZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.65.195
                                                                                                                                                                                                                                        https://pub-9d425aa9335c4307a502c0721d499bdd.r2.dev/officemm.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 199.232.36.193
                                                                                                                                                                                                                                        PsoriasisGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.67.6
                                                                                                                                                                                                                                        https://frimac2.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                        • 151.101.1.229
                                                                                                                                                                                                                                        https://wvijwiyjap-xn----90at1dc-xn----p1ai.translate.goog/hdiw/zqteil/efdfdqgb?ZEdOcFFIUmtZMm91ZEdWNFlYTXVaMjkyOml5YXBpdndiY20=+&_x_tr_sch=http&_x_tr_sl=dosderma&_x_tr_tl=bempjhrlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.66.137
                                                                                                                                                                                                                                        https://worker-curly-silence-18d1.pistisarte.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 151.101.130.137
                                                                                                                                                                                                                                        https://palmettoanimalclinic.aweb.page/p/0ac693e3-6f85-4fd6-86d7-f770e6e73d32Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 151.101.129.140
                                                                                                                                                                                                                                        https://rise.articulate.com/share/zO8B8EFq4bxdit8kVRcUzBOZMbkl1WSz#/lessons/2GyyR-D75sLlZcXDanN5dOaLxSSkgNvoGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 151.101.2.137
                                                                                                                                                                                                                                        CLOUDFLARENETUSRDFchOT4i0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 172.67.181.9
                                                                                                                                                                                                                                        https://thehitchhouse.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                        https://friwin2.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                        • 172.67.38.66
                                                                                                                                                                                                                                        https://pub-12c79d09670f4464af9de32e4799a256.r2.dev/12345.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                        https://www.steampowered.solutions/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                        https://verfolgung-lieferung.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                        https://wall.page/jcw7sZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 104.16.123.96
                                                                                                                                                                                                                                        PdfConverters.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                        https://pub-9d425aa9335c4307a502c0721d499bdd.r2.dev/officemm.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                        https://loowes.shop/Get hashmaliciousHTMLPhisher, TechSupportScamBrowse
                                                                                                                                                                                                                                        • 104.22.24.131
                                                                                                                                                                                                                                        AUTOMATTICUShttp://carajasnutricaoanimal.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.66.59
                                                                                                                                                                                                                                        https://cdp1.tracking.e360.salesforce.com/click?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0ZW5hbnRfaWQiOiJhMzYwL3Byb2QvNTBhMGYyODg2ZTg4NDA3Y2I1ODUwYmRjOWQwZGIxZTUiLCJjcmVhdGlvbl90aW1lIjoxNzE0MTQxMDYyLCJtZXNzYWdlX2lkIjoiMGd5MHB6amd2a3hmeTlnN24wNzkzdzQ3IzIzYWUwMmFhLWVjMDQtNGYwMy1iODk3LWM4NjMyYzU3ZDIxMyIsImNoYW5uZWxfdHlwZSI6ImVtYWlsIiwiZXhwIjoxNzQ1Njc3MDYyLCJyZWRpcmVjdF91cmwiOiJodHRwczovL3ZtbWVzc2FuZ2VyLnJkb2NtZ2xvYmFsLmNvbS9kb2NzL2luZGV4LnBocD9tYWlsPSUyMHNlYW4uZnVlbGxoYXJ0QGJhbmthdGNpdHkuY29tJnBhdGhzPWFib3ZlJmxpbms9RmF4X091dGxvb2siLCJpbmRpdmlkdWFsX2lkIjoiNDBmMjcwMDVjM2U0ZWRkMzE4MTUyNDIxMWMwZmNiZDYifQ.HuxvS7w7UGVjl7M8LBH9yLcIGAIbx_lymrlb7oZbnQ4Get hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                        • 192.0.78.26
                                                                                                                                                                                                                                        https://cdp1.tracking.e360.salesforce.com/click?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0ZW5hbnRfaWQiOiJhMzYwL3Byb2QvNTBhMGYyODg2ZTg4NDA3Y2I1ODUwYmRjOWQwZGIxZTUiLCJjcmVhdGlvbl90aW1lIjoxNzE0MTAxOTIyLCJtZXNzYWdlX2lkIjoiMGd4d3poYXc3czloeGZoZWNuNjNuYnFwIzg0YjRlN2VjLTdhZjUtNDU5Yi1hNTYxLWE1ZmVlMTE3NTllNiIsImNoYW5uZWxfdHlwZSI6ImVtYWlsIiwiZXhwIjoxNzQ1NjM3OTIyLCJyZWRpcmVjdF91cmwiOiJodHRwczovL3ZtbWVzc2FuZ2VyLnJkb2NtZ2xvYmFsLmNvbS9kb2NzL2luZGV4LnBocD9tYWlsPSUyMGphbWVzLmZheUBjb3VudHluYXRpb25hbGJhbmsuY29tJnBhdGhzPWFib3ZlJmxpbms9RmF4X091dGxvb2siLCJpbmRpdmlkdWFsX2lkIjoiNDA4YWI4OGRlY2JmNDFjMjRhYTZhMDRlOWU1OWMzZDAifQ.i-tkK1Lnys-MM487ot1MrSYQb6ExLgZNRQbgsH8B2K0Get hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                        • 192.0.78.26
                                                                                                                                                                                                                                        https://cdp1.tracking.e360.salesforce.com/click?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0ZW5hbnRfaWQiOiJhMzYwL3Byb2QvNTBhMGYyODg2ZTg4NDA3Y2I1ODUwYmRjOWQwZGIxZTUiLCJjcmVhdGlvbl90aW1lIjoxNzE0MTM3MzAwLCJtZXNzYWdlX2lkIjoiMGd5MGJnNjBqOTJwcmNuZjhhNHNxYWpwIzZjY2RmYjMyLWJiNzgtNGQwNC1hYWYwLTg3MjdkMTg4MjZlMyIsImNoYW5uZWxfdHlwZSI6ImVtYWlsIiwiZXhwIjoxNzQ1NjczMzAwLCJyZWRpcmVjdF91cmwiOiJodHRwczovL3ZtbWVzc2FuZ2VyLnJkb2NtZ2xvYmFsLmNvbS9kb2NzL2luZGV4LnBocD9tYWlsPSUyMGhiYXJ0aGxvd0BzZWN1cnVzdGVjaG5vbG9naWVzLmNvbSZwYXRocz1hYm92ZSZsaW5rPUZheF9PdXRsb29rIiwiaW5kaXZpZHVhbF9pZCI6IjQ0NDY4NzI5YzA1N2Q5ZDJjYzNiYjZlOTc3NDg3MzUyIn0.AryFGbNWOut6hGg1x_WBQ4QL5QU_wggDk6q2PUj7rNIGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                        • 192.0.78.27
                                                                                                                                                                                                                                        https://exploredrinks.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.73.2
                                                                                                                                                                                                                                        http://pengoodet.liveGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.77.39
                                                                                                                                                                                                                                        https://stake.libertariancounterpoint.com/+6N67YCBGYSfgUDfzZBWz4mBQM+X0RyGi80NjJ/FF4eJwViQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.77.2
                                                                                                                                                                                                                                        http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.76.3
                                                                                                                                                                                                                                        http://zamag.net/pr-newswire-asia/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.73.2
                                                                                                                                                                                                                                        https://yxv.ens.mybluehost.me/Ca/net/login.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 192.0.73.2

                                                                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                        28a2c9bd18a11de089ef85a160da29e4TNQTc6Qmkg.exeGet hashmaliciousMars Stealer, RedLine, SectopRAT, Stealc, VidarBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://thehitchhouse.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://friwin2.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://pub-12c79d09670f4464af9de32e4799a256.r2.dev/12345.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        VucRf0jboS.exeGet hashmaliciousMars Stealer, PureLog Stealer, RedLine, SectopRAT, Stealc, Vidar, zgRATBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://htceram.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://www.steampowered.solutions/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://wall.page/jcw7sZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        PdfConverters.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157
                                                                                                                                                                                                                                        https://pub-9d425aa9335c4307a502c0721d499bdd.r2.dev/officemm.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                        • 69.192.108.161
                                                                                                                                                                                                                                        • 40.68.123.157

                                                                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                                                                        No context

                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\ProcessLasso\config\prolasso.ini

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                                        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):8406
                                                                                                                                                                                                                                        Entropy (8bit):3.521323786013192
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:HCU8hjD6xebh7raMm3am1ZHWYFgCZiONkM666LYsaE9xum:H18hjD7t72Ham1ZHWYFgKiONkM666LY+
                                                                                                                                                                                                                                        MD5:B76759FCC6FBFDB88F571ADFDB2E2232
                                                                                                                                                                                                                                        SHA1:3F44F09D2211100D6F9D11A46EDFFE00188B6B7C
                                                                                                                                                                                                                                        SHA-256:D6E359E4C375E223D2091D8778E0C369836B3CA6D5439972D1903CE40E46E063
                                                                                                                                                                                                                                        SHA-512:FC550B69B0FE54CBE5C5FF8E4E0F44FD82A86726062D34C45AF1DDD3A1BF854374432CFE13E85D7E6B5AA1176677409EC8029B0379AA9523CA4E58998647DBA2
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:..[.A.d.m.i.n.i.s.t.r.a.t.i.o.n.].....V.e.r.s.i.o.n.=.5.9.9.0.6.0.0.....C.o.n.f.i.g.P.a.s.s.w.o.r.d.M.D.5.=.....[.O.u.t.O.f.C.o.n.t.r.o.l.P.r.o.c.e.s.s.R.e.s.t.r.a.i.n.t.].....O.o.c.O.n.=.t.r.u.e.....E.x.c.l.u.d.e.C.h.i.l.d.r.e.n.O.f.F.o.r.e.g.r.o.u.n.d.=.t.r.u.e.....D.i.s.a.b.l.e.P.r.o.B.a.l.a.n.c.e.W.h.e.n.S.y.s.I.d.l.e.=.f.a.l.s.e.....P.r.o.B.a.l.a.n.c.e.D.r.o.p.O.n.e.R.a.n.d.o.m.C.o.r.e.=.f.a.l.s.e.....D.o.N.o.t.A.d.j.u.s.t.A.f.f.i.n.i.t.y.I.f.C.u.s.t.o.m.i.z.e.d.=.t.r.u.e.....O.o.c.D.i.s.a.b.l.e.C.o.r.e.P.a.r.k.i.n.g.W.h.i.l.e.I.n.=.f.a.l.s.e.....U.s.e.E.f.f.i.c.i.e.n.c.y.M.o.d.e.=.f.a.l.s.e.....D.i.s.a.b.l.e.P.r.o.B.a.l.a.n.c.e.I.f.S.y.s.I.d.l.e.T.h.i.s.M.a.n.y.M.S.=.3.0.0.0.0.....T.o.t.a.l.P.r.o.c.e.s.s.o.r.U.s.a.g.e.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.4.5.....P.e.r.P.r.o.c.e.s.s.U.s.a.g.e.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.3.2.....T.i.m.e.O.v.e.r.Q.u.o.t.a.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.9.0.0.....P.e.r.P.r.o.c.e.s.s.U.s.a.g.e.F.o.r.R.e.s.t.o.r.e.=.7.....P.l.a.y.O.n.R.e.s.t.r.a.i.n.t.

                                                                                                                                                                                                                                        C:\Users\user\Desktop\CPUEater.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):502680
                                                                                                                                                                                                                                        Entropy (8bit):6.331499761228189
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:CPhs1WP5WYAGYYJNXwAbUZAzpGB3DKKJW:ehs12WF+bUZ0EBTKKQ
                                                                                                                                                                                                                                        MD5:85FE9AEE94FD7AC4F9E41FF6F5FA6DBC
                                                                                                                                                                                                                                        SHA1:3E4FB6B60F0638E49A96ECA21FF391ECE6AF3C53
                                                                                                                                                                                                                                        SHA-256:B51EEB39D29262AD16493177A7938957A59366FC9D92C5755025CFB63C5B39D0
                                                                                                                                                                                                                                        SHA-512:B23F7D9B4919F9F30E09FDBE84213BDB90210662811E1A3C48777DD3EAB0BFBE8EFB531F7459E6DDDF92A038FCD5EE478CC821B55508F8B3FD39526CECA131EF
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........a..2..2..23..3..23..3O..2..2..2.'.3..2.'.3..2.'.3...23..3..23..3..23..3...2..2...2.'.3..2.'$2..2.L2..2.'.3..2Rich..2................PE..d.....&f.........."....&.....(......<..........@.............................0............`.............................................................P!.......+.......)... ......`...p.......................(... ...@...............p............................text...>........................... ..`.rdata...Q.......R..................@..@.data....z...0......................@....pdata...+.......,...(..............@..@_RDATA...............T..............@..@.rsrc...P!......."...V..............@..@.reloc....... .......x..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\Insights.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):776592
                                                                                                                                                                                                                                        Entropy (8bit):6.3998419109016
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:7ZA0csk5NTVNTMq6Qatdjr8gThSP4Z22u7iKEue6FoKG8b:LrkzTVNTMqLIjrw7iJr8b
                                                                                                                                                                                                                                        MD5:6F99C4147AB853651E6E32AE463BBA1A
                                                                                                                                                                                                                                        SHA1:65A79A21A6DC62E90AD0ACAA2706F628EA173ECD
                                                                                                                                                                                                                                        SHA-256:7AA769821DD96DA128037EDD099B45C8698BB927AAD9FD225F167D64EB80A2C8
                                                                                                                                                                                                                                        SHA-512:F3AEBE9BCBDBB4165DE9EE753280959D4956530A3EF5AEE6DC3D6DF958E6A4FD0329E6E9B7F6398B304450A4AE1E472D06C0D47937FA4EF95618B5D80E387A9B
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......:K.#~*.p~*.p~*.p.X.q{*.p.X.q.*.p~*.p.*.px..ql*.px..ql*.px..q#*.p.X.qo*.p.X.q|*.p.X.qe*.p~*.p.+.p...qL*.p..lp.*.p~*.p.*.p...q.*.pRich~*.p........................PE..d...'.&f.........."....&............,..........@.............................p.......m....`.....................................................................`3.......)...`...... &..p....................(..(....$..@............0...............................text............................... ..`.rdata.......0......................@..@.data...|........D..................@....pdata..`3.......4..................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc.......`......................@..B........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\InstallHelper.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):786328
                                                                                                                                                                                                                                        Entropy (8bit):6.375554687262462
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:nBsGxoDcRcLb1NjXZ+Iin/BGWmc/GBdmhVn7+EsqhgbqLKGH:BzicRMb1NjXxinNhVnyrOgbqxH
                                                                                                                                                                                                                                        MD5:E833BC3F3D18315C629FD6D387FF9B72
                                                                                                                                                                                                                                        SHA1:C013AF07562AFC75FAEC50DDE190447855498024
                                                                                                                                                                                                                                        SHA-256:EF2126EB8BACA44B3534AA9E717EBA968220663503EDC7D72565D3364631D7FB
                                                                                                                                                                                                                                        SHA-512:B49EA64B4AE164A26879815BF1A54D7FF9EBD6734FF0FAAE7EB2D939E6E036B649B051DD3ACD0CBEE6605B19FD5A0BFA5BFD9692778DD8E869934ECCBB868BFA
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........u..&..&..&...'..&...'y.&..&..&.[.'..&.[.'..&.[.'..&...'..&...'..&...'..&..&..&.[.'..&.[m&..&...&..&.[.'..&Rich..&........PE..d...l.&f..........#....&.&...$.................@.......................................... .............................................................x........3.......)...........\..p....................^..(....Z..@............@...............................text....%.......&.................. ..`.rdata.......@.......*..............@..@.data...L........D..................@....pdata...3.......4..................@..@_RDATA...............J..............@..@.rsrc...x............L..............@..@................................................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\LogViewer.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):883088
                                                                                                                                                                                                                                        Entropy (8bit):5.649221579988125
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:WUgTC0XQLyOD7Ejw0t7pIHIFnAex1UxD7xao+NWg2COAs:aES6D7xa3oCBs
                                                                                                                                                                                                                                        MD5:8D1366E00A076D9D237B69F6A491B08C
                                                                                                                                                                                                                                        SHA1:265DCECA50BF1B817EC6D58560AC54D5AC96E302
                                                                                                                                                                                                                                        SHA-256:C75114340EE3D2CEA5822607699ED0C8801D5CA2341AD25559E2569ACCDD8480
                                                                                                                                                                                                                                        SHA-512:62613CE4F3D390AC9F12D5EF1C85F539496D621486C183D8A832A145F4653D50DCFBC57EE3763A120C3C9FB40271F081FCADE55E0691B14A88F8AF42E36444D1
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............@...@...@i.A...@i.A...@i.A...@...@...@...A...@...A...@...A..@i.A...@i.A...@...@...@...A...@..J@...@.."@...@...A...@Rich...@................PE..d...e.&f.........."....&.............e.........@....................................S.....`............................................................x4... ...H...P...)..............p.......................(.......@............................................text............................... ..`.rdata..(...........................@..@.data...tP.......$..................@....pdata...H... ...J..................@..@_RDATA.......p......................@..@.rsrc...x4.......6..................@..@.reloc...............@..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\PostUpdate.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):683920
                                                                                                                                                                                                                                        Entropy (8bit):6.418827767043763
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:hxhDrq4PnWfzzQ7QveiZzlxguBortX1KGWa:XBrq4PWfzlzlxlBSRWa
                                                                                                                                                                                                                                        MD5:B011082B19F6B97E7EF8611B31C60CE2
                                                                                                                                                                                                                                        SHA1:7DB4D29C92A7D27B35FFEE1944AA33F9A9C5DFD5
                                                                                                                                                                                                                                        SHA-256:B96CA68A4227F4D3E46C4B372606E08B5F03CAB8F0DC5E93C2F2D280C654C1B2
                                                                                                                                                                                                                                        SHA-512:AECE0095828060ED2FFC5C1573FDE94D9B57E5C53511F6C7D0047FAFC3A981646BFC279D92823B2D701D0EDD94249E1DBE687162A1CF2546E8ECCD47E8B976CB
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c.F...F...F.......C...........F...G...@F..T...@F..T...@F..........W.......D......._...F.......,F..n...,F.G...F..G...,F..G...RichF...................PE..d..._.&f.........."....&............0..........@....................................m.....`..................................................p.......P..........,...F...)..............p.......................(.......@............................................text............................... ..`.rdata...x.......z..................@..@.data....w...........p..............@....pdata...,..........................@..@_RDATA.......@......................@..@.rsrc.......P......................@..@.reloc...............<..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\ProcessGovernor.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1291672
                                                                                                                                                                                                                                        Entropy (8bit):6.468279922627871
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24576:QwIcKaOSOihLp0Ef7lAEFI9epPNwRAusF+E:QwIcKaYiBp37lAE1pPNksk
                                                                                                                                                                                                                                        MD5:89C4EB84DC24E1B97CFA311066ABA078
                                                                                                                                                                                                                                        SHA1:EA7D02E41CFC7E87A44B9D5CD14A5BE3CF93D6E4
                                                                                                                                                                                                                                        SHA-256:D10ECBBD9D700217238B81EF7ABB2C687324EC9ECF728B76AD4DA9DAA2C8DBEF
                                                                                                                                                                                                                                        SHA-512:72449968B5870C9032927421B112D81D71948A8D8EFB69A6CDD4429EB67BED56F17F873FE973C54B294066D206F6F3CE8CE62338167C684D6F04EC579F20E9D7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........@h.!...!...!..XS...!..XS..9!...!...!.......!.......!.......!..XS...!..XS...!..XS...!...!... ......!......!...!...!......!..Rich.!..........................PE..d... .&f.........."....&.~...J.......U.........@.....................................'....`.................................................h........`.........|w.......)..............8.......................(.......@............................................text...^|.......~.................. ..`.rdata..............................@..@.data...<....0...X... ..............@....pdata..|w.......x...x..............@..@_RDATA.......P......................@..@.rsrc.......`......................@..@.reloc...............z..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\ProcessLasso.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1880984
                                                                                                                                                                                                                                        Entropy (8bit):6.477331125585181
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24576:e0Hy0Vf/lV+4H/HzOm4S36wmxBA+UUJUM03AXxYqG3Av2A3BtNlmS:xSaLH/Tb4c6MEJUM0QXqwl
                                                                                                                                                                                                                                        MD5:4D2AAE8E1F74C5A153CA003546FF217C
                                                                                                                                                                                                                                        SHA1:BF637930A62E39F93C7C2B9FA5CC6065D5150DBC
                                                                                                                                                                                                                                        SHA-256:8DEE39F680AFDB20D664C6EA33C517365CF3563437BFBF316D90AE2D7F451BDB
                                                                                                                                                                                                                                        SHA-512:507726AB417C1D7CA9CD07713C414505C8282299B0A42B48D5C1692C6E6C4824FB99C3ABAE7CE69BA38D5753BB29A37421E58A6AFE8FE2A9E696D0FCBEC79553
                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........ GR.A)..A)..A)./3*..A)./3,.JA)..A)..A)...-..A)...*..A)...,..A)./3-..A)./3/..A)./3(..A)..A(..@)... ..A)......A)..A...A)...+..A).Rich.A).........................PE..d...F.&f.........."....&.............Q.........@.............................@............`..................................................v..|....0..@....p..,........)... ..<.......T.......................(...P...@............................................text............................... ..`.rdata..N...........................@..@.data...,........`..................@....pdata..,....p......................@..@_RDATA....... ......................@..@.rsrc...@....0......................@..@.reloc..<.... .......v..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\ProcessLassoLauncher.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):410520
                                                                                                                                                                                                                                        Entropy (8bit):6.239461902010935
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3072:pVPAgBPrsmf3c4sSxGtHrxHb81dVEI7LRbl7Vu1LIk7HoZ7WK7TNdA:jHhrsmf3c2x8Ht8fVhk1k7WGj
                                                                                                                                                                                                                                        MD5:DFA0C77B17D989146D5908CA76C7D5B3
                                                                                                                                                                                                                                        SHA1:3EF7CC43AC327D20D0CC5A1F78EACD337CFE67BE
                                                                                                                                                                                                                                        SHA-256:42DB8C6889E5E90EE63B36EAF3033E48F65B14698541B56AB6F52DD60E2A779B
                                                                                                                                                                                                                                        SHA-512:36AF8DE0B605488D904F09D03CC2D7C38594CEA86862358E7ED63C49689F2C2890C436506A778A04662F0A725EF88632134EBF1CC63C628C5D40FC89D51A9E9C
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........p.n_..=_..=_..=.c.<Z..=.c.<...=.c.<U..=_..=^..=Y..<M..=Y..<N..=Y..<d..=.c.<^..=.c.<L..=_..=...=5..<O..=5.Y=^..=_.1=^..=5..<^..=Rich_..=................PE..d...P.&f.........."....&............8=.........@....................................3.....`..................................................r..d.......................)...p.......O..p....................R..(....N..@...............0............................text............................... ..`.rdata..............................@..@.data...4*...........d..............@....pdata...............r..............@..@_RDATA..............................@..@.rsrc..............................@..@.reloc.......p......................@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\QuickUpgrade.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):485264
                                                                                                                                                                                                                                        Entropy (8bit):6.175979526051006
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:VcS0PgawfIWvTd+m6wqfYMg7a6ilM4GENs7WGIa:+FHWvTd+m6wqzOa5M4jsKGIa
                                                                                                                                                                                                                                        MD5:1489B0959F14961A427F0C789E865A7A
                                                                                                                                                                                                                                        SHA1:BDB09B032BE7AABA5A2058876CB88E03380B6A8C
                                                                                                                                                                                                                                        SHA-256:64F0A1A7031BDBC417DC8A73D0B2B1986F27BE35371528EE8F2577A3AA5B0C9D
                                                                                                                                                                                                                                        SHA-512:8C9EB444D3FB9CEC73455665455EB488B10D20D6ECBA064BD09FAC97075E4892F6A2838C1B982E8F71FD150F7925D0DFC698482E99AC30EADB291B7AA9009350
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@..5..af..af..af..bg..af..dg..af..eg..af..af..af.7eg..af.7bg..af.7dgD.afn7hg".af..gg..af..`g..af..`fP.afn7dg..afn7.f..af...f..afn7cg..afRich..af........PE..d....&f.........."....&.2...(.................@.....................................Q....`..................................................;..................4....>...)......<.......T.......................(...`...@............P.. ............................text....1.......2.................. ..`.rdata..R....P.......6..............@..@.data...\p...P...R...4..............@....pdata..4...........................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc..<............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\QuickUpgrade.exe.Replacement

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):485264
                                                                                                                                                                                                                                        Entropy (8bit):6.175979526051006
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:VcS0PgawfIWvTd+m6wqfYMg7a6ilM4GENs7WGIa:+FHWvTd+m6wqzOa5M4jsKGIa
                                                                                                                                                                                                                                        MD5:1489B0959F14961A427F0C789E865A7A
                                                                                                                                                                                                                                        SHA1:BDB09B032BE7AABA5A2058876CB88E03380B6A8C
                                                                                                                                                                                                                                        SHA-256:64F0A1A7031BDBC417DC8A73D0B2B1986F27BE35371528EE8F2577A3AA5B0C9D
                                                                                                                                                                                                                                        SHA-512:8C9EB444D3FB9CEC73455665455EB488B10D20D6ECBA064BD09FAC97075E4892F6A2838C1B982E8F71FD150F7925D0DFC698482E99AC30EADB291B7AA9009350
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@..5..af..af..af..bg..af..dg..af..eg..af..af..af.7eg..af.7bg..af.7dgD.afn7hg".af..gg..af..`g..af..`fP.afn7dg..afn7.f..af...f..afn7cg..afRich..af........PE..d....&f.........."....&.2...(.................@.....................................Q....`..................................................;..................4....>...)......<.......T.......................(...`...@............P.. ............................text....1.......2.................. ..`.rdata..R....P.......6..............@..@.data...\p...P...R...4..............@....pdata..4...........................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc..<............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\ThreadRacer.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):554384
                                                                                                                                                                                                                                        Entropy (8bit):6.348467941451856
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:vDFE4hwQC+Gx8hM+RanP8Pm59Yh/DQLMjhICtmCBNJ7WGoM:vDFNCPxX+RanP8Pm59c2MjqoJKGoM
                                                                                                                                                                                                                                        MD5:0AD183837041DF285DDD5F8648A78B15
                                                                                                                                                                                                                                        SHA1:1E95F4DE4D5053805F9D33A7FD15986C584507EB
                                                                                                                                                                                                                                        SHA-256:0292DE4FCDC09E6545FB2A6EB544183F78DC0810539B2FBC8B3E016C47ACF087
                                                                                                                                                                                                                                        SHA-512:A1B680E9258B9B7EEE188095D63A3C295B3EA6F5A225FD8583F8F06C4CF01CFEC97C094FB0A50F23EC7B3A5FCEFF4AC801B83E4A044AC51301D694AA9BB96581
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........H..)...)...)..5[...)..5[..I)...)...).....).....)....)......)..5[...)..5[...)..5[...)...)..(......)...^..)...)6..)......)..Rich.)..................PE..d.....&f.........."....&.X...L.................@....................................%_....`..................................................~.......@.......... %...L...)...........;..p....................=..(...P:..@............p...............................text....W.......X.................. ..`.rdata.......p... ...\..............@..@.data....n...........|..............@....pdata.. %.......&..................@..@_RDATA.......0......................@..@.rsrc........@......................@..@.reloc...............B..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\TweakScheduler.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):635792
                                                                                                                                                                                                                                        Entropy (8bit):6.375072456992831
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:8q7HtPCbSJzRGEVcmWY2lLEfsmpHF3U+gFY7r0hTSOxio2qp6Zt+CfvNxk:8qTxBKziokt+eFxk
                                                                                                                                                                                                                                        MD5:847B8B81A6A349CCE14D53185F7CC90F
                                                                                                                                                                                                                                        SHA1:F5332AEB1B8728F5AD4A09F0596E27D64B1A6DB0
                                                                                                                                                                                                                                        SHA-256:FC844FE91B5673FE8DF88B227DEF55F73C3A4AAD00323B851EE806FCAD5919BA
                                                                                                                                                                                                                                        SHA-512:F2732B0E203BC7768E91EBC1D84CD26645BA41E0529B8431698E417823A4B496612E1CA2965677963BFE1C61CCEF6D3F679730C59E549F870E7DD2EDF9B758F5
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v..%..%..%...$..%...$I..%...$..%..%..%.%.$..%.%.$..%.%.$..%...$..%...$..%..%%..%.%.$..%.%*%..%.B%..%.%.$..%Rich..%........PE..d.....&f.........."....&............X..........@.....................................-....`..................................................................P...].......)...........%..p....................)..(....$..@............... ............................text...4........................... ..`.rdata..p...........................@..@.data...\g.......B..................@....pdata...]...P...^..................@..@memcpy_..............p..............@..._RDATA...............r..............@..@.rsrc................t..............@..@.reloc...............|..............@..B................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\bitsumsessionagent.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):185744
                                                                                                                                                                                                                                        Entropy (8bit):6.324854081358744
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3072:0SpF5lflRmgykL2cEE52WsVdLze6g0hHjWJ7zFaFa3mAJUJeBSeZG5W:DX/fDmgykL2cEERsVdn64jY7AQMeCW
                                                                                                                                                                                                                                        MD5:15A2FFF14C68DDDB8DC868ABEBDB6B6A
                                                                                                                                                                                                                                        SHA1:B5BA268834186385CB83857E9D4F4EE6F767833A
                                                                                                                                                                                                                                        SHA-256:74857A2C5A44DE6FB283E005FB0556EC4B7380F19161DFEAEC374ECC4C0B11AC
                                                                                                                                                                                                                                        SHA-512:A1370C5143FDDE0DC1A9D76C04BBA4AA24B94E479A64B867638DB64C08303CD83131BA5C4C5F10D0E249E74D339BB5D1D9BB9A9F097739217B84267844526E72
                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........f@..5@..5@..5...4E..5...4...5...4J..5@..5A..5F[.4P..5F[.4Q..5...4A..5F[.4...5...4K..5@..5...5*[.4G..5*[.5A..5@.l5A..5*[.4A..5Rich@..5........................PE..d.....&f.........."....&....."......<=.........@..........................................`..................................................v..P.......x.......X........)...........O..p....................Q..(....M..@............................................text............................... ..`.rdata..............................@..@.data....%...........v..............@....pdata..X...........................@..@_RDATA..............................@..@.rsrc...x...........................@..@.reloc..............................@..B........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl-update.cmd

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                        Entropy (8bit):4.084183719779189
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:mKDDGXdWNLhymLGO:hSXd6hXGO
                                                                                                                                                                                                                                        MD5:CD60CCD708D428DF44CA1D454AD0D68E
                                                                                                                                                                                                                                        SHA1:83E3FB9EF19C7D3FAABC0B391F96803652FDA425
                                                                                                                                                                                                                                        SHA-256:AB965ED0402B4C474FE6C988AFEE9957C5494C687745114FC80D1FB70FB071BB
                                                                                                                                                                                                                                        SHA-512:B400530473683DE0F7CBA3F206B38BA1A0A4D3156A06168C3DB0391EB33BE1CB6FA65E736C746067AAC394D538FC35DE8764C30978734BCF4E84392B3294C10C
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:@echo off..processlasso.exe /updatecheck

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl.cmd

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):77
                                                                                                                                                                                                                                        Entropy (8bit):4.479739490998215
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:mKDD/i+JQMwmov1SWWDqewdcIS:h+GQfH/WOhdcIS
                                                                                                                                                                                                                                        MD5:AA54D58336D2565C369498D035737F8A
                                                                                                                                                                                                                                        SHA1:C6A8791264081A6F854B30AC11477BDD83A8CBEE
                                                                                                                                                                                                                                        SHA-256:9AF8ADD66B2BB4A0252B65E0F13238055B601D689E8D29455D5B2C87F901FD7B
                                                                                                                                                                                                                                        SHA-512:82D9EEAB7CB95F012B55D531BA7AF84546BE650702F40CA294C74858ECA5EADC0ED7A87BC65122DF4093E483DFFE1E04E306845871955B2DC4F5113F1CF34838
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:@echo off..InstallHelper.exe /terminate..ProcessLassoLauncher.exe /showwindow

                                                                                                                                                                                                                                        C:\Users\user\Desktop\plActivate.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):222616
                                                                                                                                                                                                                                        Entropy (8bit):6.376714551041116
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:2ltriOEkhed3s/mJN8fVCSYQhvqFHOU8f:+trRZhed3s/mJN8fJ91hH
                                                                                                                                                                                                                                        MD5:A9B7DE5F126368A851C5B399D3882443
                                                                                                                                                                                                                                        SHA1:5AFF40A6BF3FA941A234EB7CDE4756F94B7DAF0F
                                                                                                                                                                                                                                        SHA-256:508A651E996B550F6D29EE3E3CAF6031403694BF7A8E636D815CBE3EBDC8B543
                                                                                                                                                                                                                                        SHA-512:25C282F750E9AE040371A79ED79D75BA25210D9601038F931983A33F664042856BF92DE9CBBA9D5FAF78BB3EACB7243A760DC963BCFE48D084C84FEF7BA11A50
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~..g:..4:..4:..4..5?..4..5...4..50..4:..4;..4<,.5(..4<,.5+..4<,.5...4..5;..4..5/..4:..4..4P,.5-..4P,{4;..4:..4;..4P,.5;..4Rich:..4................PE..d.....&f.........."....&.....:......T..........@....................................=.....`.....................................................P.......h....P..@....<...)..............T.......................(.......@............0..8............................text............................... ..`.rdata.......0....... ..............@..@.data....*... ......................@....pdata..@....P......................@..@_RDATA.......p.......,..............@..@.rsrc...h...........................@..@.reloc...............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_bulgarian.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2024856
                                                                                                                                                                                                                                        Entropy (8bit):6.324321936682219
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:BIfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyoijFC8fB4adLxp7WGCNE/Jt1icNE/h:BIfcHooIFzLXKGh4ZJe6cwTqREew
                                                                                                                                                                                                                                        MD5:3A4AF29ABA8933D37306A95883EE48B5
                                                                                                                                                                                                                                        SHA1:F4F06C0DFE29DF0DC923B339B7B1438320B2D2B8
                                                                                                                                                                                                                                        SHA-256:ED94A53B02A58F0684D0DC284F19987784EE834D5ADBC2C68E2D0FC8EEB163E3
                                                                                                                                                                                                                                        SHA-512:E8091FCD212D1A1011531E445A273175D6B749B3561795AFD4E6B240E538BD6E5BC7E432CF3F2FD912A83DCAD813AA3C56513417DE77B053CC2B333B62570D56
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X...9...9...9....~..9...9...9.......9..Rich.9..........PE..d.....&f.........." ...&..................................................................`.......................................................... ...................)..............p............................................................................rdata..\...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_chinese.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1853848
                                                                                                                                                                                                                                        Entropy (8bit):6.394677982605456
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:2fcHoh3FzLXKGh4ZJe6cwTqREewQ02G8w:2fcHo9hUHTh1L
                                                                                                                                                                                                                                        MD5:23629250C1D0393129C509BE8CBB6090
                                                                                                                                                                                                                                        SHA1:A59A90FFECDC6D70E0FF8E28B74B61CA8D90C003
                                                                                                                                                                                                                                        SHA-256:544B0124CC2D54E55110835DB2A9BD3FF1F95664236E1AF67AA64CA00798FF20
                                                                                                                                                                                                                                        SHA-512:DDE44DFF6A2E6F8C5A9942090900204763F50C5D6F25D66633965802A5198DF9C6A41A578972CDB9CF8EB82C155F99D958644A99D093A90E54AFDBAC937C0EAE
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...l.&f.........." ...&.....................................................@.......C....`.......................................................... ............... ...)..............p............................................................................rdata..\...........................@..@.rsrc........ ......................@..@....l.&f........R...............l.&f........................l.&f........l...............l.&f............................................RSDS0~../XD....}Z.....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1880472
                                                                                                                                                                                                                                        Entropy (8bit):6.392035258128167
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:ynRfcHoApz3FzLXKGh4ZJe6cwTqREew2m1:yRfcHokXhUHTh1P
                                                                                                                                                                                                                                        MD5:B21D16938697AE36911D150A790D83DC
                                                                                                                                                                                                                                        SHA1:0CC7E938880FF13F27A619B5A1352FB9A2EB8098
                                                                                                                                                                                                                                        SHA-256:02E148D722B5D051600639B8377701D90FC6324EDB0D9B92B6BE4804C1C038E9
                                                                                                                                                                                                                                        SHA-512:12CE344BF6F81528936D3106CD0DC302ACA95A93683B7506E4DBC080C91F26480875D17880DBCBF68E71C51C6A279CA61E76C698D319949645B540857EC56924
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d.....&f.........." ...&..................................................................`.......................................................... ..`................)..............p............................................................................rdata..h...........................@..@.rsrc...`.... ......................@..@......&f........^.................&f..........................&f........l.................&f............................................RSDS.-`j...F.....~=....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..`F...rsrc$02....................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_english.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1993104
                                                                                                                                                                                                                                        Entropy (8bit):6.214702023307501
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:tafFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyRN5ojFC8fB4adLxp7WGCNE/Jt1icNi:AfcHot+FzLXKGh4ZJe6cwTqREewxcs
                                                                                                                                                                                                                                        MD5:11E98CCE342EEE55F49473F1BE4D3B32
                                                                                                                                                                                                                                        SHA1:E393C5AFDBFCC6BDB8A23D01F7721BA2B390EADC
                                                                                                                                                                                                                                        SHA-256:9B16029E7BFB649186F48157CC48003B5F339EB40D9B17CAA783DED2B866B59A
                                                                                                                                                                                                                                        SHA-512:6107A2EFC28F22F5034C9A18B39FB15B7A7A82803BEC8F3EA9FAD0C601102B50D6631170E617147D1497E8EB2DF2D659904912CEBB5C36DBCE2B3412FFD972E5
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d.....&f.........." ...&.....>...............................................`......J?....`.......................................................... ..X;...........@...)...........................................................................................rdata..............................@..@.rsrc...X;... ...<..................@..@......&f........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...=...rsrc$01.....]..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_finnish.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2023320
                                                                                                                                                                                                                                        Entropy (8bit):6.159381481575647
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:p1fFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyuFjFC8fB4adLxp7WGCNE/Jt1icNE/o:HfcHouxFzLXKGh4ZJe6cwTqREewQ
                                                                                                                                                                                                                                        MD5:8EBE2BEE391B01B72CB67754F30AA40B
                                                                                                                                                                                                                                        SHA1:77EEB9AF6567A46DA763064D546B16EBDA0CFAF7
                                                                                                                                                                                                                                        SHA-256:D761A113BA82D7FF4E94BE1B983B544DF5D1D6D48DEE34EF0F2902B97444D728
                                                                                                                                                                                                                                        SHA-512:FE012D6AB1480C025512EAB9F53B719B2E7F904EB89E586C550BADAB9E2D3AFA01E53049674708E479DA913E7C47A61FB4DB8ED8F5A99D9BD6E72C513D740330
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...P.&f.........." ...&..................................................................`.......................................................... ...................)..............p............................................................................rdata..D...........................@..@.rsrc........ ......................@..@....P.&f........9...............P.&f........................P.&f........l...............P.&f............................................RSDSX.CB.W7D.X....T.....c:\pl\output\pl_rsrc_finnish.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]...t...rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_french.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2038672
                                                                                                                                                                                                                                        Entropy (8bit):6.188244597969472
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:rufFa9MmhuV2FFdq7qFrwnim0gsZEeV3dydzjFC8fB4adLxp7WGCNE/Jt1icNE/F:qfcHod3FzLXKGh4ZJe6cwTqREew8sf
                                                                                                                                                                                                                                        MD5:4C24030929486597AC34E62850CE321F
                                                                                                                                                                                                                                        SHA1:344450252324F2AE52E4F3DFFA931B324B9FE89E
                                                                                                                                                                                                                                        SHA-256:DC1ADFC31DF17792208E0728970D5833B2A9E20DC4D7BA9DEB2CB6E9D205741B
                                                                                                                                                                                                                                        SHA-512:10F35271A79BE48E3ECA83E96A85958026A904C7CACF1067CE0DD156F618E90F25ABC856D2B99DAB45D0C03EFEA24A641347974CD223C9013999B5FE5F9E145F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...t.&f.........." ...&.............................................................S....`.......................................................... ..x................)..............p............................................................................rdata..\...........................@..@.rsrc...x.... ......................@..@....t.&f........Q...............t.&f........................t.&f........l...............t.&f............................................RSDS..j...M..^..I......C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..x....rsrc$02................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_german.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2054040
                                                                                                                                                                                                                                        Entropy (8bit):6.14957665946599
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:NfcHoOcFzLXKGh4ZJe6cwTqREewyv+Yt:NfcHo5hUHTh1c
                                                                                                                                                                                                                                        MD5:6C9431692636E03AF75EFF1F8D0CF31F
                                                                                                                                                                                                                                        SHA1:1FBB416F91933C0C850688B9D1C80588E8B6EF16
                                                                                                                                                                                                                                        SHA-256:B7CAAC3062E9A1D838D385F12973E78EB236393FEE93E564032F6BFF8B9E43A6
                                                                                                                                                                                                                                        SHA-512:3E87B6935D7C1B32841D1FA223596F9D266873752C82D620E7D7E37457F2D3ECCA835A6DABD41E6DAB1F67D439DA303AA8520E0845BE7F6C6AAEDECDC392F68D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...p.&f.........." ...&.....,...............................................P.......L ...`.......................................................... ...(...............)..............p............................................................................rdata..\...........................@..@.rsrc....(... ...*..................@..@....p.&f........Q...............p.&f........................p.&f........l...............p.&f............................................RSDSqUu.u|*E.g.x.1......C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_italian.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2032016
                                                                                                                                                                                                                                        Entropy (8bit):6.186909296772657
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:dPfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dy9f9wjFC8fB4adLxp7WGCNE/Jt1icNJ:5fcHo9sFzLXKGh4ZJe6cwTqREewyKM
                                                                                                                                                                                                                                        MD5:11653B659DBFB4E3E76DFA8D7A9CA807
                                                                                                                                                                                                                                        SHA1:427B5E9F613B0D566B1793064678D0DFED13CD26
                                                                                                                                                                                                                                        SHA-256:E56BBA2969B970027610A977A8487711DF67D00051BBE44718C22CC811BFD985
                                                                                                                                                                                                                                        SHA-512:D16C60A7B5640CD4AF3F10976A7A09ECE29F9ECB06E782D0DFF1BDB80D436114912CAAC0040D85614558BB53B875C80EC07923A6DEF9693B330F5A4BD2DAE9E8
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...x.&f.........." ...&............................................................].....`.......................................................... ...................)..............p............................................................................rdata..D...........................@..@.rsrc........ ......................@..@....x.&f........9...............x.&f........................x.&f........l...............x.&f............................................RSDS..}[..K.c...sP.....c:\pl\output\pl_rsrc_italian.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_japanese.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1916824
                                                                                                                                                                                                                                        Entropy (8bit):6.362603512042336
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:ofcHoRiFzLXKGh4ZJe6cwTqREewa7nsOMfy:ofcHoWhUHTh1iI
                                                                                                                                                                                                                                        MD5:DAB243C8F16BBB73737287F1BBE513E9
                                                                                                                                                                                                                                        SHA1:F48E34D3784577EF695481C310639049778BF6A3
                                                                                                                                                                                                                                        SHA-256:2680FEB5DF93F4846B6E16B51761E2A73107E697524382F0F81AD1A89E6EF6D7
                                                                                                                                                                                                                                        SHA-512:3F18299CC27BF2410A2D3D32673CB6348BB767CC81AC7FD72A3E6810CCB332F0B375C8A7CF0192356AD2ADFAF5FB0683D49F57F8CE7067BD7A532358B972CC4C
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d.....&f.........." ...&.....................................................@............`.......................................................... ..h................)..............p............................................................................rdata..\...........................@..@.rsrc...h.... ......................@..@......&f........S.................&f..........................&f........l.................&f............................................RSDS....(..L...k.b......C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..h....rsrc$02................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_korean.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):1890704
                                                                                                                                                                                                                                        Entropy (8bit):6.412961046855944
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:HfcHo6yslSFzLXKGh4ZJe6cwTqREewlqds98wtPw:HfcHoTslQhUHTh1lqS93tPw
                                                                                                                                                                                                                                        MD5:57C0CCE1CE46A6DFA83224E360E454F0
                                                                                                                                                                                                                                        SHA1:89E2AE66C3EF2BFEBD4F463AFEFE893F0B593043
                                                                                                                                                                                                                                        SHA-256:7D01010FEEDF1C2A48707B37F5B54A82B6338EBC26489FF8EBCF6DC4ADDDE393
                                                                                                                                                                                                                                        SHA-512:D1C53345A7E81C15EE36BC640657973D2A6A594C090DBCC74C5C3881AA7B2F906406834DE1D06F587E28E885B55E05AD2E326AEE57D95B695F8130BE09AE564D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...X.&f.........." ...&..................................................................`.......................................................... ...................)..............T............................................................................rdata..@...........................@..@.rsrc........ ......................@..@....X.&f........Q...l...l.......X.&f........................X.&f........l...................................RSDSz.q}...A.}..^.Q.....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb................................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....]...m...rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_polish.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2010008
                                                                                                                                                                                                                                        Entropy (8bit):6.203502241199923
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:lYxVfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyQrjFC8fB4adLxp7WGCNE/Jt1icNc:GVfcHoQPFzLXKGh4ZJe6cwTqREew
                                                                                                                                                                                                                                        MD5:4709D03FCCFEC5B69F91942AB95EABBF
                                                                                                                                                                                                                                        SHA1:CDADBE508E09B975BAA845E99DE64EFE231BA51E
                                                                                                                                                                                                                                        SHA-256:C421B0EE2301EE1738AEF77361F2B40D8D371AA3D62B6256E50D5C39A851E5E1
                                                                                                                                                                                                                                        SHA-512:27355C468BBD64976A5842F9409CF8B942FE3FCD5BFB60B5C76B5A3A6D110897A84B41F8B6EADCC726EFE233120568CC3B63A0E0083D81EE8C8470699BB5A546
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...T.&f.........." ...&.................................................................`.......................................................... ..0}...............)..............T............................................................................rdata..$...........................@..@.rsrc...0}... ...~..................@..@....T.&f........8...l...l.......T.&f........................T.&f........l...................................RSDS".....J.|L(?S......c:\pl\output\pl_rsrc_polish.pdb.............................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....]..0@...rsrc$02........................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_ptbr.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2053008
                                                                                                                                                                                                                                        Entropy (8bit):6.211051237422979
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:hOfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyA5jFC8fB4adLxp7WGCNE/Jt1icNE/i:0fcHoAdFzLXKGh4ZJe6cwTqREewLm
                                                                                                                                                                                                                                        MD5:1141B7248BAAE8B456985BEC51D067FE
                                                                                                                                                                                                                                        SHA1:683DB39D9C461D3C73F8C619EF87EA9A1B3CF189
                                                                                                                                                                                                                                        SHA-256:31EDF338A6BE7D1128CF4D91AB41BF63450C5EA602AE0E43431D5A4F661EC270
                                                                                                                                                                                                                                        SHA-512:8E99B047AE056E9D9D3357E49D54E9F664BEF91CCA10748D99DD0037912AF6FE45DC558F2356F4A51D05D814ACA58BF1ADF4C9241C7E6BFD9F3B2DA47955CC43
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...}.&f.........." ...&.....(...............................................P......q.....`.......................................................... ..p%...........*...)..............p............................................................................rdata..@...........................@..@.rsrc...p%... ...&..................@..@....}.&f........6...............}.&f........................}.&f........l...............}.&f............................................RSDS..y$..}M.cV...`....c:\pl\output\pl_rsrc_ptbr.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..p....rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_russian.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2002320
                                                                                                                                                                                                                                        Entropy (8bit):6.341325023538865
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:lamfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyuOjFC8fB4adLxp7WGCNE/Jt1icNEf:ffcHou8FzLXKGh4ZJe6cwTqREewY4
                                                                                                                                                                                                                                        MD5:676C22DAA2AB1E14EE3FF3AF521C4BEE
                                                                                                                                                                                                                                        SHA1:61233E62C67E6D12873440702B5E87045BEE822F
                                                                                                                                                                                                                                        SHA-256:7839AFBF22EC689958E3AB17C8DC3798D48DE23CFF732A3F97E8DF960ADD2819
                                                                                                                                                                                                                                        SHA-512:7A261E2B67B2AE142F9D9B87C0F31DAC8ED7C0BE9AF54E0FB0197CD278E97BD7E25D9D982CAC74D47909BC73BE1DA883A17C81B0AA9C35B70A6F2A6A16BA4DE9
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d.....&f.........." ...&.....b............................................................`.......................................................... ..0_...........d...)..............p............................................................................rdata..D...........................@..@.rsrc...0_... ...`..................@..@......&f........9.................&f..........................&f........l.................&f............................................RSDS....\..N.......p....c:\pl\output\pl_rsrc_russian.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..0"...rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_slovenian.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2009496
                                                                                                                                                                                                                                        Entropy (8bit):6.210368532380693
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:tBfcHoKsFzLXKGh4ZJe6cwTqREewdXGA:tBfcHoZhUHTh1dXG
                                                                                                                                                                                                                                        MD5:400B1F903C706746AEFCEFF061796DFC
                                                                                                                                                                                                                                        SHA1:6E8B5EEAFACD839BDA15F3DB33392C8F3ACE859B
                                                                                                                                                                                                                                        SHA-256:50F652919D00ED2CF72B208A8F7945EE73F67F5334077508D48CC629045D149D
                                                                                                                                                                                                                                        SHA-512:6BC7D8BA6243EA66EBDF3B61A0E4672B870FA11ACD9E8D843ADEDE46950AD6DCAA6598187847561D9A4DD1314E90E9BABC0F1B60A3C0792D6EC67C7ED42313DA
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X...9...9...9....~..9...9...9.......9..Rich.9..........PE..d... .&f.........." ...&.....|...........................................................`.......................................................... ...x...............)..............p............................................................................rdata..\...........................@..@.rsrc....x... ...z..................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\pl_rsrc_spanish.dll

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2043792
                                                                                                                                                                                                                                        Entropy (8bit):6.188876256359308
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:VKfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyq92IjFC8fB4adLxp7WGCNE/Jt1icNK:YfcHoMnFzLXKGh4ZJe6cwTqREew3
                                                                                                                                                                                                                                        MD5:C2CF41ACD1F93D5A2882A1E852703C15
                                                                                                                                                                                                                                        SHA1:75DA98D5660D84FAFBEC9A2ACFAEFB20CE32A662
                                                                                                                                                                                                                                        SHA-256:1C9F4737353CF68F6DEC4481EB7FD622D75C869A4F125BCDC134FA22061C7BDE
                                                                                                                                                                                                                                        SHA-512:B4E3360932A4C219A10A7730F0C98FCACBE315757012B1DCD9EE2C4C10A40E22CD04A1E5B9E8C8841E2D476B6D75703D4CDC796FB491BB2F93B6C4A798F6FA5A
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...K.&f.........." ...&.....................................................0............`.......................................................... ...................)..............T............................................................................rdata..@...........................@..@.rsrc........ ......................@..@....K.&f........R...l...l.......K.&f........................K.&f........l...................................RSDS..s.{6;@..oh........C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb...............................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\testlasso.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):230296
                                                                                                                                                                                                                                        Entropy (8bit):6.32353859561312
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:xESb8gCmhQQ6bsNNx0OMUeHbbIG1/nStTqvAr9f66:ebmhQZbsNNx0FPp9U9y6
                                                                                                                                                                                                                                        MD5:15D311890F819FCCA38526F23988FAF6
                                                                                                                                                                                                                                        SHA1:62D603285F6DB7251BD8EF1FFA967BC6737DDE56
                                                                                                                                                                                                                                        SHA-256:96B634E66198DCA9395B670E111607ADD751524F0C8773A14EDB8BAE6927366B
                                                                                                                                                                                                                                        SHA-512:A129E6D1DECCBE0B4089E2F7815AE8E970DF9FD5D9AC0E381C27C1FBC461838CB8DDB60F1AF61EDB45794BEE404CB6546362070A3AE436B4CE23A7F03DED1ED2
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$........y.....]...]...]0j.\...]0j.\y..]0j.\...]...]...]..]...]..\...]..\...]..\...]0j.\...]0j.\...]...]...]...\...]...]...]..b]...]...\...]Rich...]........................PE..d...}.&f..........#....&.6...>......Xk.........@.......................................... ..................................................*..P....... ....p.......Z...)..........@...p.......................(.......@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...\+...@......."..............@....pdata.......p... ...0..............@..@_RDATA...............P..............@..@.rsrc... ............R..............@..@........................................................................................................................................................................................................

                                                                                                                                                                                                                                        C:\Users\user\Desktop\vistammsc.exe

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):341904
                                                                                                                                                                                                                                        Entropy (8bit):6.140395414513244
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:HOi2GKGB4EQM1q/WDd9Sl6Nq45mIskXMkpJ1cBlZg7P9YTWGoyF7m:gGKy31qeDdG6NqYmIskXMkpWgrIF7m
                                                                                                                                                                                                                                        MD5:0073037F160765D99ADF67D468EEE948
                                                                                                                                                                                                                                        SHA1:8E2BA9B43D81A3E1CDA409CA4F551BA97253E156
                                                                                                                                                                                                                                        SHA-256:D96108809921FDAAD67A5BD8C572819E473DFA08DA8DDEFDEE4AB64A1F2E69F6
                                                                                                                                                                                                                                        SHA-512:EF4D071EFB587D1468D8860934CBB74FFA84AF779D6F751CA77B8548DCF49A47398763E6F6E35B5CDED433A4B10CD58854D429BAA1993BBE53C2F57485780B70
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........n...........%}....%}..Y............................%}.....%}.....%}.......................d.........Rich...................PE..d.....&f.........."....&.Z.....................@.....................................l....`..........................................................`.. .... .. ".......)...p...... G..p....................I..(....E..@............p...............................text....X.......Z.................. ..`.rdata..(2...p...4...^..............@..@.data...4n.......B..................@....pdata.. "... ...$..................@..@_RDATA.......P......................@..@.rsrc... ....`......................@..@.reloc.......p......................@..B................................................................................................................................................................................

                                                                                                                                                                                                                                        Chrome Cache Entry: 187

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (14132), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):14132
                                                                                                                                                                                                                                        Entropy (8bit):5.384856588544536
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:bxE2tGFU8dse7Hjqesg2PaCdkaM5Xi0kh0:be2tGjsgHjROfkaM5S0kh0
                                                                                                                                                                                                                                        MD5:C09F472288B201305DB37EAA7B517F88
                                                                                                                                                                                                                                        SHA1:32DCDA85EB7CAB778644BB46D6344EF1EBDC5E2D
                                                                                                                                                                                                                                        SHA-256:2191DF70C591FDEAF3F7328F90BE1CD77F6C4FF7CD6D53A10692CE09ECC0701C
                                                                                                                                                                                                                                        SHA-512:B399BC3DECA15F40846FF51C3910AC402AE5B285B22DE0B23AD5D2DA088D1A49258503F5B147035F298E9E3389C4EA081B96F1D5BCEB39CC571B140116FA7885
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:!function(c){function r(){l.hide(),j.onerror=j.onload=null,O&&O.abort(),s.empty()}function h(){if(!1===m.onError(v,x,m))return l.hide(),F=!1;m.titleShow=!1,m.width="auto",m.height="auto",s.html('<p id="fancybox-error">The requested content cannot be loaded.<br />Please try again later.</p>'),P()}function a(){var n,t,e,i,a,o,d=v[x];if(r(),m=c.extend({},c.fn.fancybox.defaults,void 0===c(d).data("fancybox")?m:c(d).data("fancybox")),!1!==(o=m.onStart(v,x,m)))if("object"==typeof o&&(m=c.extend(m,o)),e=m.title||(d.nodeName?c(d).attr("title"):d.title)||"",d.nodeName&&!m.orig&&(m.orig=c(d).children("img:first").length?c(d).children("img:first"):c(d)),""===e&&m.orig&&m.titleFromAlt&&(e=m.orig.attr("alt")),n=m.href||(d.nodeName?c(d).attr("href"):d.href)||null,!/^(?:javascript)/i.test(n)&&"#"!=n||(n=null),m.type?(t=m.type,n=n||m.content):m.content?t="html":n&&(t=n.match(S)?"image":n.match(T)?"swf":c(d).hasClass("iframe")?"iframe":0===n.indexOf("#")?"inline":"ajax"),t)switch("inline"==t&&(d=n.subs

                                                                                                                                                                                                                                        Chrome Cache Entry: 188

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1901&rand=0.5844304853361733
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 189

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 190

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):15744
                                                                                                                                                                                                                                        Entropy (8bit):7.986588355476176
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/
                                                                                                                                                                                                                                        MD5:15D9F621C3BD1599F0169DCF0BD5E63E
                                                                                                                                                                                                                                        SHA1:7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52
                                                                                                                                                                                                                                        SHA-256:F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
                                                                                                                                                                                                                                        SHA-512:D35A47162FC160CD5F806C3BB7FEB50EC96FDFC81753660EAD22EF33F89BE6B1BFD63D1135F6B479D35C2E9D30F2360FFC8819EFCA672270E230635BCB206C82
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                                                                                                                                                                                                        Preview:wOF2......=........t..=..........................d..d..^.`.. .T..<.....|..{........6.$.... ..t. ..I.3.%.....8..&....4Z.|t .8.........D...$.uNE.P.E.Ak...=.x.9Xz.`.I..R....#F+B`..}.RP|E...Z\.W[.............C...QB....m...cm.?.F.g.......Q....3......p...L2.[......!+@U..^~.......D.?.......j...U...c..U.l.6{...m.CD].h.t.....Q8.....@P...L.c.....+...ZD..2.K...:..4{g..:..~....v......<..H^.R.'....8....?.;...uy.VW..8=.".F..*.....@E....c....=..Ib.....y8$.a){.......KiIW.&..~.}..1..w.M..{.4......!..{..F.H.5#K...t..5.w...ve;. '......NJ......'(%;...?...D...M.Cq,<.=?.f......._...V..bA.(..37..v....+.uY.C.b.w8AF..3.n.-..'..U%.2....o.l."...^bj..aoF.!`....A....j...'.:Z.u...[..p.GW:U%.Ejq...:I...C........S.C...sJe.6D...<.UM,..&h..z}.y|..9...D..j...n..B.$..T....?../.Q..=B...C._.f.#.:Bo.@]T.(..v..F..+d...". ......R..R..R....!..~A....X............>!`p..,08. 9.../.....r..Q.......Qpg.\ko...C..3..Y.y..t'.d9..>#|..3..?.#..$....i........g5.z....S....{3..Sp..S2..w.6........

                                                                                                                                                                                                                                        Chrome Cache Entry: 191

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 192

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3282&rand=0.5681925783642812
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 193

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1852&rand=0.7873146752310403
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 194

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 195

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (7711)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):260293
                                                                                                                                                                                                                                        Entropy (8bit):5.578367351739064
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3072:wDQQaf5qZ3fhO+zJ0cr8hG1LceF2/ea8LR9Wk9ARFaQjSTnXDL9btIMpZeQ5cPME:KQQX5NzJWYLceF+hYTnXP9RIMpR5YDa6
                                                                                                                                                                                                                                        MD5:25BD278634AC34F8AC96261B71CBC568
                                                                                                                                                                                                                                        SHA1:BE6F97CED990072DB9955CABB3BF16C0B37E5A89
                                                                                                                                                                                                                                        SHA-256:E5264C517E1650819F9F492245A00E7CCF0C0DDD4E7763CB806E93E46F14E374
                                                                                                                                                                                                                                        SHA-512:1E328536C9AC4C1742DC0C7451C8A966A92BA69FCDC7FBAC389AA25DE0C243916B5D11B7221F8BA2E60195C7DB357BEBFC93CDB1F5A234568AD72BA4153C4B7D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://www.googletagmanager.com/gtag/js?id=G-ZV0D0J286B
                                                                                                                                                                                                                                        Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":12,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_email

                                                                                                                                                                                                                                        Chrome Cache Entry: 196

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 18752, version 1.6554
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):18752
                                                                                                                                                                                                                                        Entropy (8bit):7.988629781373645
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:bnoxrhN0WB5TRqz+ZPPbpEX1nlatVx5Rqt0nD+Zg:rojnHTG+Rq1niL80Db
                                                                                                                                                                                                                                        MD5:D705022D209F31BFD674BC9171BDB499
                                                                                                                                                                                                                                        SHA1:66489CEFBA225677E2ED8A7FC47F04C236B08E3D
                                                                                                                                                                                                                                        SHA-256:FE56A896F0EB699CED9BB48660429176C384CE8014666D5ED59E017EE3514021
                                                                                                                                                                                                                                        SHA-512:97DFEE19FA807FAC7DA0CA76095408AC52C0DFA81059BF02BA6ADF749443A1AC4992009DE1ABF809254B8C8FBF7C2F0179C5A03F71A8103A291AB426B7741F42
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2
                                                                                                                                                                                                                                        Preview:wOF2......I@.......`..H.........................?FFTM.. .....(.`..Z.F..e.....x....6.$..&..V.. ..N..e..v?webf..R.5x.2.v..!=.g#..8@@b....6.@.'....kr2d...^}.A..7....bU4.l...X4,..i..e.P!....>*...Qz..e.x.[x6....L...n..A.oQ..M/..B..Sq...,lXM...eaU2....|....X..w.=...?../\.....<i....:..}......Wj..7..u...i..H.5#..H....$.v....B..V....+@....O.t..%]..T.....#]Rtrn.0.o.{.*f..=3&*"F.9g`cM..Dt..1....9]..o.k...=U....R.......$..v...$.I ..$r.D...W{..YJ.A!dJZ:..(..P?T......[.........7&_e.....C...S.:.\..._..^..f{....I.I.L..7..-.r.[.V.-p.N/....+D....#:,u]S............!]Ho.-...su..s.;...Mi...G.B.G2..n.C....j...(.8f...!...._..W.TJs....3......M5..o. . .-.:&:d.....B.uQ..73..7.........A...$`@... .2His.d9..*..R..C.E.r...?..hm./.V....f.h..A-zH.".....u...-.JV....f.s.M.....hFop...an_.L.[!......p..-K.Bnn.k.X!2.<..7.........FJ.@......c.^..o.7U.(q,'a....;v...x... ......`..h.^.Q.i.. .t..n..r.3..s..h.9q.....lF.....c..8...\.i.."....:8..;@M ....A`...O.l..8.R.........0.......Bh!.H.u

                                                                                                                                                                                                                                        Chrome Cache Entry: 197

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 198

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 199

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1673&rand=0.4563951407778424
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 200

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1392)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):11689
                                                                                                                                                                                                                                        Entropy (8bit):5.161807419486538
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:mkgH/9W0He1ZFe1ZfLvrL4aPHo+JBoTuFumJfpoT7lGnTH4IUg:+FWyrL4o/HrUg
                                                                                                                                                                                                                                        MD5:9593C634B81C031342CBE0FA03903D47
                                                                                                                                                                                                                                        SHA1:DD68EE9D73731B22FB7252F66BE8BEA5D17227C7
                                                                                                                                                                                                                                        SHA-256:D7BDBA02AFA8C04C13F280C71A50F8C8186C883711C5DABBD13566DD738BFF0A
                                                                                                                                                                                                                                        SHA-512:F148020673308A496E6DB48A8468DF81F78B8AA63812C4ACDCC7B5D7265A241491726ACFAA4EE578A71B23F5111D336E446BD7C8028634BC4E8C01F472028270
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0
                                                                                                                                                                                                                                        Preview:;var MonsterInsights=function(){var e=[],i='',r=!1;this.setLastClicked=function(t,n,i){t=typeof t!=='undefined'?t:[];n=typeof n!=='undefined'?n:[];i=typeof i!=='undefined'?i:!1;e.valuesArray=t;e.fieldsArray=n};this.getLastClicked=function(){return e};this.setInternalAsOutboundCategory=function(e){i=e};this.getInternalAsOutboundCategory=function(){return i};this.sendEvent=function(e,t,n){y(e,t,n,[])};function d(){if(window.monsterinsights_debug_mode){return!0}.else{return!1}};function p(e,t,n){var l={};for(var i in e){if(!e.hasOwnProperty(i)){continue};if(t&&t.indexOf(i)===-1){continue};if(n&&n.indexOf(i)>-1){continue};l[i]=e[i]};return l};function b(e,t,n){if(!monsterinsights_frontend.v4_id||e!=='event'){return};var i=n.event_category||'',a=['event_name','event_category','event_label','value',],l=p(n,null,a);l.action=t;l.send_to=monsterinsights_frontend.v4_id;let hitType=i.replace('-','_');if(i.indexOf('outbound-link')!==-1){hitType='click'}.else if(i==='download'){hitType='file_downlo

                                                                                                                                                                                                                                        Chrome Cache Entry: 201

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:PC bitmap, Windows 3.x format, 48 x 48 x 24, image size 6912, resolution 9449 x 9449 px/m, cbSize 6966, bits offset 54
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):6966
                                                                                                                                                                                                                                        Entropy (8bit):4.755735232059843
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:3y7OJpqOMHZmO/w6oG4RPr2M9Ie7RKv6UY+nc:3yepdM5H/wZT2M+e7gv6UY+nc
                                                                                                                                                                                                                                        MD5:E97C27D1C2142F1276F319A87B466484
                                                                                                                                                                                                                                        SHA1:43ECEEF6D1269A1EE51C0914B7F3F303C7D8E9E7
                                                                                                                                                                                                                                        SHA-256:A53A853591D9E14FC0C99103518EDA928B0FCCB3F4C923689C628C71CDCD3C2D
                                                                                                                                                                                                                                        SHA-512:D9E984B4AB6688B7049632089AF8CE986911C463B28229759474F2D82007CB06054D1BCF5BD9306276194A9243C7449500DC6926DE9FC59E00404B5CD0F9C735
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/uploads/favicon.png
                                                                                                                                                                                                                                        Preview:BM6.......6...(...0...0................$...$.............................................................................................................................................................................................................u.P..?.w<.p=.m=.i=.h=.j=.l<.q<.xG..j................................................................................................X.=.v=.k=.a>.[>.W>.T>.S>.Q>.O>.Q>.S>.U>.Y=.`=.h<.s=.~q................................................................................A.|=.k=.b>.[>.V>.R>.Q>.P?.N?.M?.L?.K?.K?.M?.O>.Q>.R>.V>.^=.g<.s?..........................................................................C.~=.j=.`>.Z>.Y>.U>.T>.R>.Q>.Q>.Q>.P>.P?.O?.N>.P>.Q>.Q>.Q>.T>.X>.\=.c=.n;.|..............................................................k.<.p=.e=.`>.[>.Y>.W>.U>.S>.R>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q9.K7.J7.L7.O7.Q7.V=.e=.n<.~.........................................................X.=.m=.e=.`>.\>.Y>.W>.V>.T>.S>.R>.Q>.Q>.R>.R>.R>.Q>.Q>

                                                                                                                                                                                                                                        Chrome Cache Entry: 202

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (341), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):341
                                                                                                                                                                                                                                        Entropy (8bit):4.985562338389113
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6:2LG36p3QLkW0D9PIg3mtVVBI9qR3JpV32J3iVNfCRHW5pELlCfbWCrf1rXm56p1n:2U6hv9PIgyvIoT32SJCIp6CTWC056bn
                                                                                                                                                                                                                                        MD5:1060197390AC55F64B5AF979885274AD
                                                                                                                                                                                                                                        SHA1:84C9F127E23AC6D89DEC691345B0930B6BD9E75B
                                                                                                                                                                                                                                        SHA-256:53C3E7A78FC2DE0FD9BAEA7B14FBE9726F59565D2B5E8B8D96019D4C06F9B74F
                                                                                                                                                                                                                                        SHA-512:AE04EBBEA631C6B03ECAE66CD1745829E54AD152989DAEB75389E600B820A106717DCC23CCA4222E8623B6FDC0FD1FA00C6D6B8DD865BCD97FB1F7B59686633F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0
                                                                                                                                                                                                                                        Preview:(function(window,document,$,undefined){var EDDUH={init:function(){EDDUH.trackHistory();},trackHistory:function(){$.ajax({type:"POST",url:edduh.ajaxUrl,data:{action:'edduh_track_history',page_url:edduh.currentUrl,referrer:document.referrer},success:function(response){}}).fail(function(response){});}};EDDUH.init();})(window,document,jQuery);

                                                                                                                                                                                                                                        Chrome Cache Entry: 203

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (2365), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2365
                                                                                                                                                                                                                                        Entropy (8bit):4.697204613723889
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:bTk6NKAKXTSXcbwMC0OkSYzPFpDG4abZe:bNyY4+e
                                                                                                                                                                                                                                        MD5:0F2F239462DBE979F168FF6361F20CC3
                                                                                                                                                                                                                                        SHA1:3ADC95702536E0A3BDB56A96192B235C9782CEA4
                                                                                                                                                                                                                                        SHA-256:85453727039FC1323F5F9DA51615C0244FC05EC5857B25787EFC332F5539E07D
                                                                                                                                                                                                                                        SHA-512:71C901C7EAF0EC84D9DCF76B3CFDC3EF53C660DBEF452AE4A10339F49489767EF1E56349F86EDAA1C33AD6E303048B7180D7199AE7DF841B0B5CA365F7D1DC8A
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1
                                                                                                                                                                                                                                        Preview:.tml-login,.tml-register,.tml-social-divider,.tml-social-providers{max-width:320px}.tml-social-divider{margin:2em 0}.tml-social-divider span{display:none}ul.tml-social-providers{list-style:none;margin:0 auto;padding:0}ul.tml-social-providers li{margin:1em 0;padding:0}.tml-social-provider:after{content:'';clear:both;display:table}.tml-social-provider .tml-social-provider-icon{border-right:1px solid rgba(0,0,0,.2);display:table-cell;text-align:center;vertical-align:middle;width:2.5em}.tml-social-provider .tml-social-provider-icon img{border-radius:0;-webkit-box-shadow:none;box-shadow:none;display:inline-block;width:1.5em}.tml-social-provider .tml-social-provider-text{display:table-cell;padding-left:1em;line-height:2.5}.tml-social-providers a.tml-social-provider:link,.tml-social-providers a.tml-social-provider:visited{-webkit-box-shadow:none;box-shadow:none;border:1px solid rgba(0,0,0,.2);display:block;line-height:1;text-align:left;text-decoration:none}.tml-social-providers a.tml-social-p

                                                                                                                                                                                                                                        Chrome Cache Entry: 204

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (13479)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):13577
                                                                                                                                                                                                                                        Entropy (8bit):5.272065782731947
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp
                                                                                                                                                                                                                                        MD5:9FFEB32E2D9EFBF8F70CAABDED242267
                                                                                                                                                                                                                                        SHA1:3AD0C10E501AC2A9BFA18F9CD7E700219B378738
                                                                                                                                                                                                                                        SHA-256:5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
                                                                                                                                                                                                                                        SHA-512:8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
                                                                                                                                                                                                                                        Preview:/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings

                                                                                                                                                                                                                                        Chrome Cache Entry: 205

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (12463), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):12463
                                                                                                                                                                                                                                        Entropy (8bit):5.0632329893463215
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:YoC0/0Gg3k02W54NApUgJzBdAA+p5oNBaAQaAwHM8WFUsZO0RPdW4EmaD:ZCyGV54wUgynmDaActFUsBFHED
                                                                                                                                                                                                                                        MD5:F7C8C87D24C2A81064F86B48697FFEB8
                                                                                                                                                                                                                                        SHA1:8D8DF3B7673E1481DDC00B0820CD0CE1944996E3
                                                                                                                                                                                                                                        SHA-256:B9052EA598420869C9196E164A35704BC0784102625072CD258E14125FCF5D92
                                                                                                                                                                                                                                        SHA-512:AA140D2B4A0F3C8EF8988B76D74DD2FF91AAD950669A38783B6DD3C46D3E98C370A4AD1A09236AB8360B606B2A1620F8E252D6004824E67E891B46102E05CBC7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.11
                                                                                                                                                                                                                                        Preview:!function(e){var t={};function d(a){if(t[a])return t[a].exports;var r=t[a]={i:a,l:!1,exports:{}};return e[a].call(r.exports,r,r.exports,d),r.l=!0,r.exports}d.m=e,d.c=t,d.d=function(e,t,a){d.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:a})},d.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},d.t=function(e,t){if(1&t&&(e=d(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var a=Object.create(null);if(d.r(a),Object.defineProperty(a,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)d.d(a,r,function(t){return e[t]}.bind(null,r));return a},d.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return d.d(t,"a",t),t},d.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},d.p="",d(d.s=346)}({1:function(e,t){e.exports=jQuery},346:function(e,t,d){"use strict";d.r(t),function(e){

                                                                                                                                                                                                                                        Chrome Cache Entry: 206

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (7329), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):7329
                                                                                                                                                                                                                                        Entropy (8bit):5.163866264219447
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:SZlmgfn24Se6MpTXapkyN8jcpypscqDciqtiPh71:SZlnfUwXapkyN8jcpyioyh71
                                                                                                                                                                                                                                        MD5:BD2D67186594B0E32223B293FDFCCA55
                                                                                                                                                                                                                                        SHA1:B797A9D012C850B53A7CCC12211ADCFBCD9AE0BE
                                                                                                                                                                                                                                        SHA-256:4F9F4E2E225088F9CF3B6B54AA421E0F776D1802255505D2F752E1F83F441641
                                                                                                                                                                                                                                        SHA-512:C80A7CD15E27B24AE6A2B7E9E491BCB24EFA034BF730862F07E5CD22A0C7961B451F78B3D80AD212CBBB75B176DDAFDF84F9AABD027DBCEBAE3A8FBD48F6A8E0
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://stats.wp.com/e-202417.js
                                                                                                                                                                                                                                        Preview:window.wpcom=window.wpcom||{};window._stq=window._stq||[];function st_go(t){window._stq.push(["view",t])};function linktracker_init(t,e){window._stq.push(["clickTrackerInit",t,e])};window.wpcom.stats=function(){var t=function(){var t,n;var o=function(t,e,n){if("function"===typeof t.addEventListener){t.addEventListener(e,n)}else if("object"===typeof t.attachEvent){t.attachEvent("on"+e,n)}};var i=function(t){if("object"===typeof t&&t.target){return t.target}else{return window.event.srcElement}};var r=function(t){var n=0;if("object"===typeof InstallTrigger)n=100;if(7===e())n=100;d(i(t),n)};var a=function(t){d(i(t),0)};var f=function(t){var e=document.location;if(e.host===t.host)return true;if(""===t.host)return true;if(e.protocol===t.protocol&&e.host===t.hostname){if("http:"===e.protocol&&e.host+":80"===t.host)return true;if("https:"===e.protocol&&e.host+":443"===t.host)return true};return false};var d=function(e,o){try{if("object"!==typeof e)return;while("A"!==e.nodeName){if("undefined"=

                                                                                                                                                                                                                                        Chrome Cache Entry: 207

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (15752)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):18726
                                                                                                                                                                                                                                        Entropy (8bit):4.756109283632968
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:WTbvzWuPTb9Uh3o//bEPjXgA2k1efAJmpr:WX6U9Uh3o//YrXgAGfACr
                                                                                                                                                                                                                                        MD5:B976B651932BFD25B9DDB5B7693D88A7
                                                                                                                                                                                                                                        SHA1:7FCB7CB5C11227F9213B1E08A07D0212209E1432
                                                                                                                                                                                                                                        SHA-256:4E6CE5444C7F396CEF0EB1FA3611034151E485DD06FBE5573A5583E1EEBC98C3
                                                                                                                                                                                                                                        SHA-512:A241EBDCFAF153D5C2A86761145B2575CBE734B4F416ACBFAC082AE5C6EB7C706BD6CA3BC286B7E1A0F9E326729252DCB95B776750C4A3A0D81F2AA6258EA39F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:/*! This file is auto-generated */.// Source: wp-includes/js/twemoji.min.js.var twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint:function(d){d="string"==typeof d?parseInt(d,16):d;if(d<65536)return e(d);return e(55296+((d-=65536)>>10),56320+(1023&d))},toCodePoint:o},onerror:function(){this.parentNode&&this.parentNode.replaceChild(x(this.alt,!1),this)},parse:function(d,u){u&&"function"!=typeof u||(u={callback:u});return h.doNotParse=u.doNotParse,("string"==typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on")&&-1===c.indexOf(" "+f+"=")&&(c=c.concat(" ",f,'="',u[f].replace(t,r),'"'));c=c.concat("/>")}return c})}:function(d,u){var f,c,e,b,a,t,r,n,o,s,i,l=function d(u,f){v

                                                                                                                                                                                                                                        Chrome Cache Entry: 208

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (3199), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):3199
                                                                                                                                                                                                                                        Entropy (8bit):5.389079810933085
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:fHbU7ageM1duJ91nllMi5ZObaXLTTTyUhsjKDMDTggy3AqZ0+xOGoydCyAyA:zUugBIhlMiHUkftSy6c33AqZhO+Ro
                                                                                                                                                                                                                                        MD5:7948D7ACFBA6C135628BFF46DC2178D4
                                                                                                                                                                                                                                        SHA1:5401B73B081718FF6BB60343AD7668C68F3780B2
                                                                                                                                                                                                                                        SHA-256:774E90A51B4189C6AB5CB3BADDA2C67D60197F464E43333387651F982E6163BF
                                                                                                                                                                                                                                        SHA-512:D98877F96406C14B804B7651C8265E96203B50260B824F8BA35229195E22C3FE12FC6FA8EDB68E5EA6B29B952AD04C8F0CF1C49AB2A665010E2F3CDAF868FA34
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('h.i[\'1a\']=h.i[\'z\'];h.O(h.i,{y:\'D\',z:9(x,t,b,c,d){6 h.i[h.i.y](x,t,b,c,d)},17:9(x,t,b,c,d){6 c*(t/=d)*t+b},D:9(x,t,b,c,d){6-c*(t/=d)*(t-2)+b},13:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t+b;6-c/2*((--t)*(t-2)-1)+b},X:9(x,t,b,c,d){6 c*(t/=d)*t*t+b},U:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t+1)+b},R:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t+b;6 c/2*((t-=2)*t*t+2)+b},N:9(x,t,b,c,d){6 c*(t/=d)*t*t*t+b},M:9(x,t,b,c,d){6-c*((t=t/d-1)*t*t*t-1)+b},L:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t*t+b;6-c/2*((t-=2)*t*t*t-2)+b},K:9(x,t,b,c,d){6 c*(t/=d)*t*t*t*t+b},J:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t*t*t+1)+b},I:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t*t*t+b;6 c/2*((t-=2)*t*t*t*t+2)+b},G:9(x,t,b,c,d){6-c*8

                                                                                                                                                                                                                                        Chrome Cache Entry: 209

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 210

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 211

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (22480), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):22480
                                                                                                                                                                                                                                        Entropy (8bit):5.07028013691561
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:r0zISO+t27Nmeq0xXwAEiZdNdsdBzmdTMZ6:r0zI5+t27NmgxXwAEibdTMw
                                                                                                                                                                                                                                        MD5:B938F218B6224649802C889479F5BCE3
                                                                                                                                                                                                                                        SHA1:7FF8ADDE481924355A53C164355863E195983100
                                                                                                                                                                                                                                        SHA-256:2C9D50F99DEF73E67DD3DD0BCAE8C822FA972CB235B60B43E2C58553A7928D5C
                                                                                                                                                                                                                                        SHA-512:D654AC5754B83FED95F4B906BC55382CE7719B85B2B8191933495897EFF6B377E5D22D9763A10B42C7D13377697CD5159A741FA4AA4044F5B973A87A7CDCE14E
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092
                                                                                                                                                                                                                                        Preview:.wp-caption{max-width:100%}.wp-caption-text{}.wp-caption img{}.gallery-caption{}.bypostauthor{}.aligncenter{text-align:center}.alignleft{text-align:left}.alignright{text-align:right}aside>.widget *{max-width:100%;height:auto}#wp-calendar{width:100%}#wp-calendar tbody{text-align:center}#wp-calendar thead th,#wp-calendar tfoot td,#wp-calendar tbody td{border:1px solid #eaeaea;padding:5px;text-align:center}.widget_search button[type=submit]{border-width:2px}.sticky{font-size:16px;background-color:#ffffe0;border:3px dotted #000;padding:10px}.sticky>article{background-color:transparent}.mb-15{margin-bottom:15px}.widget_archive select{width:100%}.page-title{font-size:42px;line-height:48px;margin-bottom:.33em;margin-top:.2em}table{border-width:1px 1px 1px 0;border-color:#ededed #ededed #ededed transparent;border-style:solid solid solid none;border-collapse:collapse;border-spacing:0;margin:0 0 20px;width:100%}table th,table td{border-top:1px solid #ededed;border-left:1px solid #ededed;padding:

                                                                                                                                                                                                                                        Chrome Cache Entry: 212

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):88751
                                                                                                                                                                                                                                        Entropy (8bit):5.414296471740167
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:1536:2sHx8vawlWe2XzbStiSc6q1jboAmKum7EqIZ7d+/:2sHx8vzWe2jOtiSg1jboAmKum7EqCp+/
                                                                                                                                                                                                                                        MD5:69CB7809B5011312E716F29B3D19DCE6
                                                                                                                                                                                                                                        SHA1:833DABFB546D57065AEBA7190B5EE5A2428DFA47
                                                                                                                                                                                                                                        SHA-256:E039E607C78306C7E029A7FD0ECDB14F86456F16E1A5CE65AA26B4FDF1D38A3C
                                                                                                                                                                                                                                        SHA-512:4259C8F940CFE4B7EC384E5ABD855713DA7792A955A7B737B75E45E6559A90292ADE59D7CCAB381EA4C2D0FA5109B4ABD9BFA0887C05C9FB1A27469D5E198A69
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://m.stripe.network/out-4.5.43.js
                                                                                                                                                                                                                                        Preview:var StripeM=function(e){var t={};function n(r){if(t[r])return t[r].exports;var _=t[r]={i:r,l:!1,exports:{}};return e[r].call(_.exports,_,_.exports,n),_.l=!0,_.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var _ in e)n.d(r,_,function(t){return e[t]}.bind(null,_));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=30)}([function(e,t,n){"use strict";(function(e){n.d(t,"a",(function(){retur

                                                                                                                                                                                                                                        Chrome Cache Entry: 213

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):10546
                                                                                                                                                                                                                                        Entropy (8bit):7.981645613160615
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:FgfiM8C7RRs0lPoxWi3WqioX2b9/5cvneVQ+kaz1fM9VUlB17:Fg97RRs0FsRiMK9RUem+hBfyVqP7
                                                                                                                                                                                                                                        MD5:66FEEAE77BBAFC5DCABCD345215CD1AD
                                                                                                                                                                                                                                        SHA1:414AFCFB5CE7A66E466587156181111ECB61A75C
                                                                                                                                                                                                                                        SHA-256:6A59F2B8B67BCCC41C723F6D94791CC7171C3756C3E90EFAD5D898ED336FE5C9
                                                                                                                                                                                                                                        SHA-512:9D2D95F6C64AD3BE3AC6C67BFA6B9422721B191F2CAD9CABAFB63371C98D3E74C21EF1DB7D40374FB62824892B455FDE138F60C0C59BBC7BF09F10996936CB23
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/uploads/30dayrefund-e1605890583229.png
                                                                                                                                                                                                                                        Preview:RIFF*)..WEBPVP8L.)../+.A.u...I.?.1U.{...../....y;`.2...a.n....\:.q...=.&....z.YP:}.A.W.Wr....".CTT.#U..d..H]9!..,..%...X..y^..v.....hgkg..z9.m.m.6.{NU..$....]M'U.T..h...%A..w8.....].....Rwww..!s_F.8..\W..%.).......m.H...^v'.....m.F.,.u.UB!.....i. F..1$. .b....xg.)..7.3.Q...;w...E....f.)mC.m.w..!.m.....-A.2.XeU].B..U....+... .n..<Jn...........s...s!g......-p...b("&1...z...W.&.e.2o&L..~a..C....3.u.4[.,...".FB.[.zP.4..UdN...Y@.)Y...~3..9[.t.X.3.l.iZ.A...Ho.)Y..2....lEV./s.-j...p.....4V..P#.......B-p.J..D,...>.B..*M...3.U..J.P.....MSUL..$d,#..L.4....]0.S .......m.K......{.....Q..d/..<"&....e.P..=..lgMwM.4...'Di..bp..}..T..d;..}.f.0-.AT?.........l...).9....A..>...h%C.)-3.`..w....~oA 3..3.*.s.a.....rW^QyU].........y.!...,.....R#...x...V..Z....7=n.XG`._<...n.68.4$....Gq...*.Y..j.y.....%..XISD%W.P...Y.T.!.c._..~..w=..+...L..*Y..JB........;a..v......mx........q8."..g6s.X5..DoN..=~..J.xW;...G.g....h....nu.u...-.h......M .&.....vSj..i@.c.t(7...'.M.

                                                                                                                                                                                                                                        Chrome Cache Entry: 214

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:HTML document, ASCII text, with very long lines (7698)
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2259729
                                                                                                                                                                                                                                        Entropy (8bit):5.117288340050894
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:Vk87zXHZZUuwt++quK5vHaGmkXyJ8FoyJ4uhZfWyJ8dIyJS0lR/2CskVA8lEgY24:rzXkomkXyJ+oyJMyJKIyJLK
                                                                                                                                                                                                                                        MD5:2C792A9D2467B7D43109FB37B38B052F
                                                                                                                                                                                                                                        SHA1:B6EB644AD0F1D1AA78633E843A4DBDAC73A9106F
                                                                                                                                                                                                                                        SHA-256:9DC5AA1CBB52CBA8655CF04364297BBB22596A2918C7D84FCD5B26F9B5569DDA
                                                                                                                                                                                                                                        SHA-512:6E9501D0C1F99C25A29CA4C3BE25A01D5D68CE397917F68CCE79127A40E1C318623A1446B30056C29052DE64163F036AB8B64451C5558040F7A0CE39DDB72379
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:<!DOCTYPE html>.<html. class="MktRoot". lang="en-US". data-js-controller="Page". data-page-id="Home". data-page-title="Stripe | Financial Infrastructure for the Internet". data-loading.>. <head>. <script>window.__capturedErrors = [];.window.onerror = function (message, url, line, column, error) { __capturedErrors.push(error); };.window.onunhandledrejection = function(evt) { __capturedErrors.push(evt.reason); }.</script>.<meta. name="sentry-config". data-js-dsn="https://7cd38b0eb2b348b39a6002cc768f91c7@errors.stripe.com/376". data-js-release="18ddbc219dea7eb5851fd463088c993044956733". data-js-environment="production". data-js-project="mkt".>.. <meta name="experiment-treatments" content="wpp_site_mobile_header_nav_redesign_v2.treatment.ursula.71c9c027-e09d-4a0e-9f72-bbbab9f2fb4d.a,acquisition_start_now_copy_change.treatment_get_started.ursula.c71b0d22-f443-4e3a-9d09-570a5075612f.a,acquisition_mobile_sticky_nav_cta.control.ursula.8de45283-1dcd-4ea4-9618-0e1020cb4365.m,ac

                                                                                                                                                                                                                                        Chrome Cache Entry: 215

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (2037)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):5705
                                                                                                                                                                                                                                        Entropy (8bit):5.215307527153416
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:7BKV92E2UtAHfUxKetKkXm/Hw5BjmhLgVo/KM9389xp98JrVKol:7kftZAH8w/kGWkD/5a9xDyxKw
                                                                                                                                                                                                                                        MD5:91966F4FA26A336B323F26DF56340880
                                                                                                                                                                                                                                        SHA1:A751AB49ECEB896336E144B9EFE92706FC451ECC
                                                                                                                                                                                                                                        SHA-256:69F3BA8224AD36FDE400BFAC6CEEAB632AC179A9C408E1384892DA18AFEDCCA3
                                                                                                                                                                                                                                        SHA-512:C8F2E9EEDC0ED3D1B05EDC9E161C8EB3F1CDD10E69E906C5859A2768D41B56AEF9A3FF6BE4DC44A0EE210A32486FDEFADE374658403547CCC2642D663D2688CC
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/js/custom.js?ver=20231102
                                                                                                                                                                                                                                        Preview:(function($){'use strict';$.fn.scrollTo=function(options){var settings={offset:-60,speed:'slow',override:null,easing:null};if(options){if(options.override){options.override=(override('#')!=-1)?options.override:'#'+options.override;}.$.extend(settings,options);}.return this.each(function(i,el){$(el).click(function(e){var idToLookAt;if($(el).attr('href').match(/#/)!==null){e.preventDefault();idToLookAt=(settings.override)?settings.override:$(el).attr('href');if(history.pushState){history.pushState(null,null,idToLookAt);$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing);}else{$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing,function(e){window.location.hash=idToLookAt;});}}});});};$('#GoToHome, #GoToFeatures, #GoToDesc, #GoToGallery, #GoToPricing, #GoToTestimoni, #GoToContact, .GoToto,.GoTo a').scrollTo({speed:1400});var headerWrapper=parseInt($('.navbar').he

                                                                                                                                                                                                                                        Chrome Cache Entry: 216

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (11256), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):11256
                                                                                                                                                                                                                                        Entropy (8bit):5.010537766861896
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:xthsVmeDXDanvgZenjAJKdXSMpNO96hDIzL79V1QVSD1CNxn6fR31r:czDanvuenjAkNBhDInSwh31r
                                                                                                                                                                                                                                        MD5:2B0DD7EECEA03B4BDEDB94BA622FDB03
                                                                                                                                                                                                                                        SHA1:703BECBA85161118DD6FC66AF465428EF43F561C
                                                                                                                                                                                                                                        SHA-256:B7908A015A567EC2363011DF2475368DBFF34360E9DA3FDFF50604D6395FB646
                                                                                                                                                                                                                                        SHA-512:FE64CFF950921BDF83EC09FE79CA5CE52DE40F5B8788697EB1D7B28055F2817778347D5D3C81A324801C7EC7151B3EE0EEE99B2882C3C3B10BD760342D3BF3E7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
                                                                                                                                                                                                                                        Preview:.mejs-offscreen{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal}.mejs-container{background:#000;font-family:Helvetica,Arial,serif;position:relative;text-align:left;text-indent:0;vertical-align:top}.mejs-container,.mejs-container *{box-sizing:border-box}.mejs-container video::-webkit-media-controls,.mejs-container video::-webkit-media-controls-panel,.mejs-container video::-webkit-media-controls-panel-container,.mejs-container video::-webkit-media-controls-start-playback-button{-webkit-appearance:none;display:none!important}.mejs-fill-container,.mejs-fill-container .mejs-container{height:100%;width:100%}.mejs-fill-container{background:transparent;margin:0 auto;overflow:hidden;position:relative}.mejs-container:focus{outline:none}.mejs-iframe-overlay{height:100%;position:absolute;width:100%}.mejs-embed,.mejs-embed body{background:#000;height:100%;margin:0;over

                                                                                                                                                                                                                                        Chrome Cache Entry: 217

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (7857), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):7857
                                                                                                                                                                                                                                        Entropy (8bit):5.0400341097316
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:DYWNsFrA2HSSHC6HiUQ2xYXNnk0cG9x73W35cZoZO1QtRU2oG:DY0sFs3uKugaEG
                                                                                                                                                                                                                                        MD5:74B22170180EFE7793BDFE46D0E3B154
                                                                                                                                                                                                                                        SHA1:FA57DE736CB7A4E201FEFD81DFDA7BD6AAEB47BB
                                                                                                                                                                                                                                        SHA-256:1B4FA08596005CF08763C9DB009D91A22C7427321A31E8A596DEFC5273C01C3A
                                                                                                                                                                                                                                        SHA-512:5C0DE79F53787C23DD4D0AF806D4D552E16E1D9E1036A0A220909952B05D8907989FE45F53662F485D599D160C921F8E3C9736C9B9FFD6F49AD4B454C2A35FB9
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:@media screen and (min-width:783px){.admin-bar .navbar-fixed-top{top:32px}}@media screen and (min-width:600px) and (max-width:782px){.admin-bar .navbar-fixed-top{top:46px}}.cth-single img{max-width:100%;height:auto}.cth-pagecontent img{max-width:100%;height:auto}.meminz_main-nav>li.current-menu-parent>a,.meminz_main-nav>.open>a.dropdown-toggle,.meminz_main-nav>.open>a.dropdown-toggle:hover,.meminz_main-nav>.open>a.dropdown-toggle:focus{background-color:#2e2e2e!important}.meminz_main-nav ul.dropdown-menu{padding:0}.meminz_main-nav ul.dropdown-menu>li{background-color:#2e2e2e;padding:0}.meminz_main-nav ul.dropdown-menu>li>a{padding:15px}.meminz_main-nav ul.dropdown-menu>li>a:hover,.meminz_main-nav ul.dropdown-menu>li>a:focus{background-color:transparent}.meminz_main-nav ul.dropdown-menu>li.active>a{background-color:transparent}h3.comment-reply-title{font-size:24px;line-height:30px;margin-left:15px}#regpreloader,#logpreloader{display:none}.alert-box{color:#da9221}.modal-open{overflow:hidd

                                                                                                                                                                                                                                        Chrome Cache Entry: 218

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 219

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (31732)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):175832
                                                                                                                                                                                                                                        Entropy (8bit):5.326562004380053
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:1536:IAr2MRCqc1y3Nv4hQWiKWsCaqQe88wM/jFbJPFmT+PsWf51qx8O1y6uFgu+qGFXy:yMI1uv4hPiKWsCapIy6FP+V4P
                                                                                                                                                                                                                                        MD5:C1FDAEA3525460BE25C5285356725748
                                                                                                                                                                                                                                        SHA1:F70F1E2CDF0434A03709272CA69ACA5142759735
                                                                                                                                                                                                                                        SHA-256:B151E0809FA48FB22786AA7B41C464ED9E7231A12649454246D1FAD6159264BC
                                                                                                                                                                                                                                        SHA-512:5E6AA30A2AAAE7CB6C287CA74EC9ED278CC4FBA7A084AF6EBC77245B3BBB3778A02701689C5C87719F112EF58868E9C27A0F220658C761A2A8E73AAE756C058D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:/*!.* Bootstrap v3.2.0 (http://getbootstrap.com).* Copyright 2011-2014 Twitter, Inc..* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).*/if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transition&&(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(b){return a(b.target).is(this)?b.handleObj.handler.apply(this,arguments):void 0}})})}(

                                                                                                                                                                                                                                        Chrome Cache Entry: 220

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4629&rand=0.3235756268755505
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 221

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1536), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):1536
                                                                                                                                                                                                                                        Entropy (8bit):5.183165338359982
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24:c1GuMxRRY5vkVtyXVERHG+nRp8wMkRN8jG5okSeaKMj4fd8+/qUCjTX:aGhxU5mcKnRiknEySwfd8+/qUGb
                                                                                                                                                                                                                                        MD5:118EDCCFEC036BFE34D6BDAFF6DACBFD
                                                                                                                                                                                                                                        SHA1:E3DD5274D03F0A11DDF0FAA444DD777D282419AE
                                                                                                                                                                                                                                        SHA-256:7EF7E3FA3B814AA895E747632BD2BA963804FC40D3239EA2959849D392CCE429
                                                                                                                                                                                                                                        SHA-512:6139180695FA6BF3E3774C748C8FCDAE8B301946F99044A410CF20C1E2B288102BCD48DCC3D90BE62D30ED24E5D32E6D2BF8A0A17763FBF88658029CF34A25D6
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
                                                                                                                                                                                                                                        Preview:!function(){var e,t,i,o=document.cookie.replace(/(?:(?:^|.*;\s*)eucookielaw\s*\=\s*([^;]*).*$)|^.*$/,"$1"),n=document.getElementById("eu-cookie-law"),s=document.querySelector(".widget_eu_cookie_law_widget"),a=s&&s.hasAttribute("data-customize-widget-id");if(null!==s&&null!==n){if(e=function(){return Math.abs(document.body.getBoundingClientRect().y)},n.classList.contains("top")&&s.classList.add("top"),n.classList.contains("ads-active")){var c=document.cookie.replace(/(?:(?:^|.*;\s*)personalized-ads-consent\s*\=\s*([^;]*).*$)|^.*$/,"$1");""===o||""===c||a||n.parentNode.removeChild(n)}else""===o||a||n.parentNode.removeChild(n);document.body.appendChild(s),n.querySelector("form").addEventListener("submit",l),n.classList.contains("hide-on-scroll")?(t=e(),i=function(){Math.abs(e()-t)>50&&l()},window.addEventListener("scroll",i)):n.classList.contains("hide-on-time")&&setTimeout(l,1e3*n.getAttribute("data-hide-timeout"));var d=!1}function l(e){if(!d){d=!0,e&&e.preventDefault&&e.preventDefault(

                                                                                                                                                                                                                                        Chrome Cache Entry: 222

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (3661), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):3661
                                                                                                                                                                                                                                        Entropy (8bit):4.6987663121730785
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:HD95ltbkbW2WkA8S2u5Z+ss2utg2Cbcjkkvv+ss2E95lXYptg2H795lvPG:j9BbkbSX5ZojkkXm9rM9S
                                                                                                                                                                                                                                        MD5:13D15804666B3CFE5DA52BD01AFEF780
                                                                                                                                                                                                                                        SHA1:6D3120964389BE3E5062E920734FBDE12355FA57
                                                                                                                                                                                                                                        SHA-256:E33C9A9C34C4E9A6FDD1B301A2C0E4CA0EA4FE4DD66DF283E07189F5518BD5CB
                                                                                                                                                                                                                                        SHA-512:983750BABE137AF4642B2BABF9D12F56F33CF7A8329C46F7E694D928B2C6715B32B125BC8BAD6D6A34B7061FCBF174AA750371F099A2822589D1F3C7038F918D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:a,a:focus,a:hover,a:active,.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .navbar-nav .dropdown.active a:hover,.navbar-default .navbar-nav .active a:focus,.navbar-default .navbar-nav .dropdown.active a:focus,.icon-counter:hover,.social-network a:hover,.social-network a:focus,.social-network a:active,.pe-feature,.accordion-heading a:hover i,.wpb_accordion_header a:hover i,.counter-number,.pricing-head.popular .pricing-price,.validation,.widget_nav_menu>div>ul li a:hover,.widget_rss>ul li a:hover,.widget_recent_comments>ul li a:hover,.widget_recent_entries>ul li a:hover,.widget_meta>ul li a:hover,.widget_archive>ul li a:hover,.widget_pages>ul li a:hover,.widget_categories>ul li a:hover,.recent li h6 a:hover,.pagination>li>a,.pagination>li>a:hover,.media h4.media-heading a:hover,.wpt-tabs>li>a,.wpt-tabs>li>a:hove

                                                                                                                                                                                                                                        Chrome Cache Entry: 223

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 224

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (374)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):508
                                                                                                                                                                                                                                        Entropy (8bit):4.970460111761285
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12:zUW7SmaGOdMI32O3RaDRhkZQy1Er3I7sKBuylcZ1nedKYCx:zUW7naZFCkZQy1EDIAKBuRZ1nOKYCx
                                                                                                                                                                                                                                        MD5:F35843BE4D3B337945EE7176358DDE94
                                                                                                                                                                                                                                        SHA1:80FDBE049F5084801A4FBB7F74DF509FD0033018
                                                                                                                                                                                                                                        SHA-256:D5CEDB938B4B9C83A8873860B4BF49FAD6BC1799B49987BE3CF1FD479868842F
                                                                                                                                                                                                                                        SHA-512:6B44D5CA2CF6677A9EFE814804529BC1A18626F81C35F32913DA257B1C4C405DB80E056D34B085F1B949E5A7FA20A5F03ECBA2E95EE6A12154BD5064F2CD8C2D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:jQuery(function($){var nextgen_fancybox_init=function(){var selector=nextgen_lightbox_filter_selector($,$(".ngg-fancybox"));window.addEventListener("click",e=>{let $target=$(e.target);if($target.is(selector)||$target.parents('a').is(selector)){e.preventDefault();$(selector).fancybox({titlePosition:'inside',onComplete:function(){$('#fancybox-wrap').css('z-index',10000);}}).$target.trigger('click.fb');e.stopPropagation();}},true)};$(window).on('refreshed',nextgen_fancybox_init);nextgen_fancybox_init();});

                                                                                                                                                                                                                                        Chrome Cache Entry: 225

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):619030
                                                                                                                                                                                                                                        Entropy (8bit):5.359532927112307
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12288:Yg6vHFNvWS82iuEJLFLRLjLXdjstzgBROnvBXeD+s9AGmk6kNZjV0y0E3mHDZn4I:96TsBLYFrCCFzDIogq2lU
                                                                                                                                                                                                                                        MD5:206D0CB0F8A398CBA3F6C5C045508C70
                                                                                                                                                                                                                                        SHA1:491D13EE41C9CEB1FCE38DF272950E138A119D0D
                                                                                                                                                                                                                                        SHA-256:C48024E8C131EE717CEB86E61514A65D2FAB951B90B6D99D1708F26C7F77AC1C
                                                                                                                                                                                                                                        SHA-512:F9FDA097106502A966C6DC0C9F0A2967B1E7F333652798D645471BF54A87E47432D56E21B12E0EBDD0A598FD6952F0C671848918A57C3B4AD8B3FA8EE93CDFA2
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://js.stripe.com/v3/?ver=v3
                                                                                                                                                                                                                                        Preview:!function(){function e(t){var n=o[t];if(void 0!==n)return n.exports;var a=o[t]={id:t,loaded:!1,exports:{}};return r[t](a,a.exports,e),a.loaded=!0,a.exports}var t,n,r={723:function(e,t,n){"use strict";function r(e){l.length||(i(),!0),l[l.length]=e}function o(){for(;d<l.length;){var e=d;if(d+=1,l[e].call(),d>1024){for(var t=0,n=l.length-d;t<n;t++)l[t]=l[t+d];l.length-=d,d=0}}l.length=0,d=0,!1}function a(e){return function(){function t(){clearTimeout(n),clearInterval(r),e()}var n=setTimeout(t,0),r=setInterval(t,50)}}e.exports=r;var i,c,s,u,l=[],d=0,p=void 0!==n.g?n.g:self,m=p.MutationObserver||p.WebKitMutationObserver;"function"==typeof m?(c=1,s=new m(o),u=document.createTextNode(""),s.observe(u,{characterData:!0}),i=function(){c=-c,u.data=c}):i=a(o),r.requestFlush=i,r.makeRequestCallFromTimer=a},5937:function(e,t,n){e.exports=n.p+"fingerprinted/img/abnamro-4445e65420800f96f68cfc67a273f66b.svg"},1520:function(e,t,n){e.exports=n.p+"fingerprinted/img/asn-3d9b1bbff2f8f12105510992dbb37ae8.svg

                                                                                                                                                                                                                                        Chrome Cache Entry: 226

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):126
                                                                                                                                                                                                                                        Entropy (8bit):4.581458664403255
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:4BAG1HQvYKieo9y2UYs2G1W5HPSM9:42GApaU0Gc5qM9
                                                                                                                                                                                                                                        MD5:A91E105C444648F868EBAEB8A1D72581
                                                                                                                                                                                                                                        SHA1:9544022B30937034924D8E5937C50046F194AC8A
                                                                                                                                                                                                                                        SHA-256:8DDEA4EA676FBD039FBB1D849DA7A67B095D50C85C3F981F6445743C2BE218C6
                                                                                                                                                                                                                                        SHA-512:CAD19A4C2DF985F93181CB367B6661679EC73467A666E04FFE8F2678074DEF703E446C36200A351DF47B24DC201ABF873627B4031EA7DBE20477F328A6A8FB8F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1
                                                                                                                                                                                                                                        Preview:.edd-multi-currency-selector-buttons form{display:flex;flex-wrap:wrap;gap:5px}.edd-multi-currency-button--selected{opacity:.6}

                                                                                                                                                                                                                                        Chrome Cache Entry: 227

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1162), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):1162
                                                                                                                                                                                                                                        Entropy (8bit):4.960638824017214
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24:PGqJT5xJTF7jJY0iDDayDQeIxJsYNBx5v:PGqJHJR7jJYdD2yD3IxKYNBx5v
                                                                                                                                                                                                                                        MD5:75D36CE6FEA7DA47D1BF435453334FF9
                                                                                                                                                                                                                                        SHA1:AD7E2832DBAE78AC653C4DED3E9F4E643ACD1BED
                                                                                                                                                                                                                                        SHA-256:F77676010AF045F74F15412F1CA9B418478066304101556281C5B4E162932525
                                                                                                                                                                                                                                        SHA-512:CCD040E82FDC6D655FB4E000F50D7B178EB84C1149ACC24D7CA75F29842B76399E748C45B9C0DC7C2057194ED9A0F07EA8B46DAA9B79CAF38E63EDB740A9956A
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7
                                                                                                                                                                                                                                        Preview:.tml{font-size:1em}.tml *{box-sizing:border-box}.tml .tml-field-wrap{margin-bottom:1em}.tml .tml-label{display:block;margin:.5em 0}.tml .tml-checkbox+.tml-label{display:inline}.tml .tml-field{width:100%}.tml .tml-description{display:block;font-size:.85em;font-style:italic;margin:.5em 0}.tml .tml-errors,.tml .tml-messages{list-style:none;margin:0;padding:0}.tml .tml-action-confirmaction .success,.tml .tml-error,.tml .tml-message,.tml .tml-success{border-left:4px solid #00a0d2;box-shadow:1px 1px 2px 1px rgba(0,0,0,.1);display:block;margin:0 0 1em;padding:.75em}.tml .tml-error{border-left-color:#dc3232}.tml .tml-action-confirmaction .success,.tml .tml-success{border-left-color:#46b450}#pass-strength-result{background-color:#eee;border:1px solid #ddd;color:#23282d;font-weight:700;opacity:0;margin-bottom:1em;padding:.5em}#pass-strength-result.strong{background-color:#c1e1b9;border-color:#83c373;opacity:1}#pass-strength-result.good{background-color:#ffe399;border-color:#ffc733;opacity:1}#pas

                                                                                                                                                                                                                                        Chrome Cache Entry: 228

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (317)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):774
                                                                                                                                                                                                                                        Entropy (8bit):4.88213657489483
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12:AcSmaGXkoobkoorkooW/32NU/Fv2Jfe1qXy9Q17TF17s1TI7vYLOcIYLYm75O82T:VnX5I5k5QmO9e1iyATjwnLrls9p4TY
                                                                                                                                                                                                                                        MD5:2BAAAD1DEAF5836BA082ADC3E8CA2793
                                                                                                                                                                                                                                        SHA1:59DCD4726297A08027A41035F9464CECCC03196F
                                                                                                                                                                                                                                        SHA-256:DDA62E985647B4B8CA10D82DAAAFD193169F24ECA5FB3433FDFE605C5F645555
                                                                                                                                                                                                                                        SHA-512:02A7F9E580A9F1AE263A41107E307A49FC31E12AAB2AD36EC8F27301BC04BA3E7445198E074EB87D611FCE297F1D9FE605E2CF158C1763F056561F07B253BDE7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:function nextgen_lightbox_filter_selector($,selector).{if(nextgen_lightbox_settings&&nextgen_lightbox_settings.context){var context=nextgen_lightbox_settings.context;if(context=='all_images'){selector=selector.add($('a > img').parent());}.else if(context=='all_images_direct'){selector=selector.add($('a[href] > img').parent().filter(function(){var href=$(this).attr('href').toLowerCase();var ext=href.substring(href.length-3);var ext2=href.substring(href.length-4);return(ext=='jpg'||ext=='gif'||ext=='png'||ext2=='tiff'||ext2=='jpeg'||ext2=='webp');}));}.else if(context=='nextgen_and_wp_images'){selector=selector.add($('a > img[class*="wp-image-"]').parent());}.selector=selector.not('.gallery_link');selector=selector.not('.use_imagebrowser_effect');}.return selector;}

                                                                                                                                                                                                                                        Chrome Cache Entry: 229

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:PNG image data, 284 x 1, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):147
                                                                                                                                                                                                                                        Entropy (8bit):6.251894708561177
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:yionv//thPkQJ8NsyxL3BWWbj2vUMPP8p8pHIvMCX664klllsg1p:6v/lhPkQ+NsyhxWWbCXa8ZILrplVp
                                                                                                                                                                                                                                        MD5:BEBD92A0383F89B9A054A6105C2505DB
                                                                                                                                                                                                                                        SHA1:46AF38517F25DB472559591E3B4C590EB9305DBA
                                                                                                                                                                                                                                        SHA-256:889EA07BDBC7C660C5D6227693EAC900DEAD21BEBAFBE74529B9B368B792CED8
                                                                                                                                                                                                                                        SHA-512:0C291D2C60305031294E5BF96FC3D0ABDDC23AB4B0AB3F34DFDF887904D555BEAAB4D59A4B3075B8A990CF55FAAB02C5E33E3E8917DFA7861BE45A24F062D716
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:.PNG........IHDR...................ZIDATx.....0....._..h......u..I..X..5a.:.*..z{.W....<.J..[.z..9.f..C.Mw... ...h.n..g.F...[;.c.h)....IEND.B`.

                                                                                                                                                                                                                                        Chrome Cache Entry: 230

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (65358)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):464668
                                                                                                                                                                                                                                        Entropy (8bit):4.92360139714976
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3072:QRXlvmKEB1FJ8iJc0E/aCeLYtz+RJwKZ1kkUSbxhJwdO8BEo2HwSMxnp5ANdl0gv:QRXC8/0h
                                                                                                                                                                                                                                        MD5:FB5F518EB9199B22350C111C413F066F
                                                                                                                                                                                                                                        SHA1:49BAA6BD0902CC4ABB5EE499725084ABD5FBE525
                                                                                                                                                                                                                                        SHA-256:CAAD2ECF2E37F3007E63C118A4C26A9CC26A62C495FBDD4B9D20E55BC89052D9
                                                                                                                                                                                                                                        SHA-512:CF3B2784EF33FFC3461BD7F48EA3E2C24607ACB87597444F94DFD888F7F8DBC7D64AD9ABF1F9C2A99EED1393D43A3A536B000BEABD757D69E92E4CD6B3E2B0F4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6
                                                                                                                                                                                                                                        Preview:/*!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2024 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */...vc_row:after,.vc_row:before{content:" ";display:table}.vc_row:after{clear:both}@media (max-width:767px){.vc_hidden-xs{display:none!important}}@media (min-width:768px) and (max-width:991px){.vc_hidden-sm{display:none!important}}@media (min-width:992px) and (max-width:1199px){.vc_hidden-md{display:none!important}}@media (min-width:1200px){.vc_hidden-lg{display:none!important}}.vc_non_responsive .vc_row .vc_col-sm-1{position:relative;float:left;width:8.33333333%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-2{position:relative;float:left;width:16.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-3{position:relative;float:left;width:25%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col

                                                                                                                                                                                                                                        Chrome Cache Entry: 231

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (415)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2782
                                                                                                                                                                                                                                        Entropy (8bit):5.171696106446853
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:ZVeKD0yFFL4V0JJmHB0xOtxODzX2asXz2asiuw6OLnXpcvHbhJuLufSk+:X9ZJ4yvOjO2LXaLiuoL+gLuaB
                                                                                                                                                                                                                                        MD5:D9DF4BC08617F73FE4254C9448ED4F3C
                                                                                                                                                                                                                                        SHA1:4F5DA30B23C72A847D480856B139E05692F3944D
                                                                                                                                                                                                                                        SHA-256:FA5FCE5A6A7B4E4595EFE09FFE10D21967C3FB6DD0A6CD5E05CCBAF2F736C477
                                                                                                                                                                                                                                        SHA-512:0ED912C15313255C3FF205FE55BC7AD5B768D5C800C97FAEAB75B0B932F6F0ED41FE5859675E60219D3DFDAACD8A48970F8FC23AB877A97CD1400FDB87E43A87
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:// TODO: This file can be removed once the minimum Pro API version is 4.0.EasyCookie=(function(){var EPOCH='Thu, 01-Jan-1970 00:00:01 GMT',RATIO=1000*60*60*24,KEYS=['expires','path','domain'],esc=escape,un=unescape,doc=document,me;var get_now=function(){var r=new Date();r.setTime(r.getTime());return r;}. var cookify=function(c_key,c_val){var i,key,val,r=[],opt=(arguments.length>2)?arguments[2]:{};r.push(esc(c_key)+'='+esc(c_val));for(i=0;i<KEYS.length;i++){key=KEYS[i];if(val=opt[key]). r.push(key+'='+val);}. if(opt.secure). r.push('secure');return r.join('; ');}. var alive=function(){var k='__EC_TEST__',v=new Date();v=v.toGMTString();this.set(k,v);this.enabled=(this.remove(k)==v);return this.enabled;}. me={set:function(key,val){var opt=(arguments.length>2)?arguments[2]:{},now=get_now(),expire_at,cfg={};if(opt.expires){opt.expires*=RATIO;cfg.expires=new Date(now.getTime()+opt.expires);cfg.expires=cfg.expires.toGMTString();}. var keys=['path','dom

                                                                                                                                                                                                                                        Chrome Cache Entry: 232

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (875)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2726
                                                                                                                                                                                                                                        Entropy (8bit):4.915026808829665
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:qM+xo+mvbAB8MNshxFqYkMr4MlMKl5ZBVPcfvleBRpsHxFqluxFhxAvw/ycp9l:FZvbAyMNMxsTy42lPE30BXKxsluxuw/1
                                                                                                                                                                                                                                        MD5:00A8C0F92F46546F8C6E1B7E81BA5C4C
                                                                                                                                                                                                                                        SHA1:C06F28F34158263BA653E3B03B95A3DCED83E242
                                                                                                                                                                                                                                        SHA-256:DFA950382763457A05CBC2E4931726EB78F59C1A2E51C203F0053220F27349E6
                                                                                                                                                                                                                                        SHA-512:FCDE357CCED15E3FDF17BAA9D732E7DE9278994C0B008A18BE58DD8183EA0ADAB4437C48DD135AAB443A8FB2D54901D0D2158453E51435451BD8DA6A8B702FD5
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3
                                                                                                                                                                                                                                        Preview:var edd_scripts;jQuery(document).ready(function($){$('.edd_subscription_cancel').on('click',function(e){if(confirm(edd_recurring_vars.confirm_cancel)){return true;}.return false;});$('.edd_download_purchase_form').each(function(){var form=$(this);if(form.find('.edd-cp-container').length&&form.find('.edd_price_options').length){var terms=form.find('.eddr-custom-terms-notice');var signup_fee=form.find('.eddr-custom-signup-fee-notice');terms.prev().append(terms);signup_fee.prev().append(signup_fee);terms.show();signup_fee.show();}else if(form.find('.edd-cp-container').length){form.find('.edd_cp_price').keyup(function(){form.find('.eddr-terms-notice,.eddr-signup-fee-notice').hide();form.find('.eddr-custom-terms-notice,.eddr-custom-signup-fee-notice').show();});}});$('#edd_purchase_form').on('focusout','#edd-email',function(){if('undefined'==edd_scripts){return;}.if(!edd_recurring_vars.has_trial){return;}.var email=$(this).val();var product_ids=[];$('body').find('.edd_cart_item').each(funct

                                                                                                                                                                                                                                        Chrome Cache Entry: 233

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 234

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):200
                                                                                                                                                                                                                                        Entropy (8bit):4.942373347667344
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:qTkIDZxVsJYkup3XyHFeTrAyTKTWKMrBKblbJ4ZNDpVbz2USrGXI9kBbZ6iF4:qTjxVgYkYv3J/14QpcUAVuB965
                                                                                                                                                                                                                                        MD5:3437AADDCDF6922D623E172C2D6F9278
                                                                                                                                                                                                                                        SHA1:F69066CF20141AC93418102D3EEE7C0225B8A623
                                                                                                                                                                                                                                        SHA-256:35DCC382EB69D00369D708708CDC545F3968B68FA5BBE3E728D11FEDD04F93BB
                                                                                                                                                                                                                                        SHA-512:2DAE5C5C30C6A0E763D8128F2CE1D467EAD432E582AB4EBB68E23991DB08F57490ABC0EED805FD33FAB5503C1737D9D47D4CC1090AE15D7391593FBB295D66E7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
                                                                                                                                                                                                                                        Preview:<!doctype html><html><head><meta charset="utf-8"/><script defer="defer" src="https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js"></script></head><body></body></html>

                                                                                                                                                                                                                                        Chrome Cache Entry: 235

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):246
                                                                                                                                                                                                                                        Entropy (8bit):4.8128133058376905
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:feIGjCDfAcf3hARIXXyIqxBMgX/UfVgVkYfKxWzCiSfKxW4qUu5UtgseBWBZ8VNG:fXwyfhtnGsgP0KiV7yFMLs9cVNKmVjL+
                                                                                                                                                                                                                                        MD5:7B6BF8D276596B53213E3F66EBB5BA76
                                                                                                                                                                                                                                        SHA1:B8BE3D0E037142B2AEC0EBFC49B16769E18DF517
                                                                                                                                                                                                                                        SHA-256:70CB8F99CA02AD969318B0085DD79041CC47F82AF5560CC98847C4B86F9DE273
                                                                                                                                                                                                                                        SHA-512:63965FBE921F71E75B4850F848F1B38993C35E2208F7A8DB3DCDF2C4717A87A43C5385F011ADBA7EA6AC59152D067D0DB87ECAB5226A06F1535FABB47087AF35
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.11
                                                                                                                                                                                                                                        Preview::root{--edd-blocks-light-grey: #eee}.screen-reader-text{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal!important}

                                                                                                                                                                                                                                        Chrome Cache Entry: 236

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (511)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):1179
                                                                                                                                                                                                                                        Entropy (8bit):5.234694297955699
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24:2Iet77PIXA4YIVZqIpPDovaJJaRRNzsIl1l+V7MI+dG9RbiiVwzkI1E:tet7DMAfpKMoJathoMNdKNeoIC
                                                                                                                                                                                                                                        MD5:D2C7D23AE1C26DA6614FCAA412C92256
                                                                                                                                                                                                                                        SHA1:51FEAD35895BBC93E08CC05896A2B08DBC6D8839
                                                                                                                                                                                                                                        SHA-256:E6563635F5AC513E588DE6D7B8ECBBEEE70FE3FF0E88FA09BB22A6821EBF7833
                                                                                                                                                                                                                                        SHA-512:7B78CFEE4CB120C2D8C507A90C1D8DAD027B56A588469261AB47702AF3EA731D5A3251E4DA22CF278BB816C5E94AEFF8259837227A13E9310EE9257B903D5EC7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/js/anchor-offset.js?ver=2
                                                                                                                                                                                                                                        Preview:(function(document,history,location){var HISTORY_SUPPORT=!!(history&&history.pushState);var anchorScrolls={ANCHOR_REGEX:/^#[^ ]+$/,OFFSET_HEIGHT_PX:75,init:function(){this.scrollToCurrent();window.addEventListener('hashchange',this.scrollToCurrent.bind(this));document.body.addEventListener('click',this.delegateAnchors.bind(this));},getFixedOffset:function(){return this.OFFSET_HEIGHT_PX;},scrollIfAnchor:function(href,pushToHistory){var match,rect,anchorOffset;if(!this.ANCHOR_REGEX.test(href)){return false;}.match=document.getElementById(href.slice(1));if(match){rect=match.getBoundingClientRect();anchorOffset=window.pageYOffset+rect.top-this.getFixedOffset();window.scrollTo(window.pageXOffset,anchorOffset);if(HISTORY_SUPPORT&&pushToHistory){history.pushState({},document.title,location.pathname+href);}}.return!!match;},scrollToCurrent:function(){this.scrollIfAnchor(window.location.hash);},delegateAnchors:function(e){var elem=e.target;if(elem.nodeName==='A'&&this.scrollIfAnchor(elem.getAtt

                                                                                                                                                                                                                                        Chrome Cache Entry: 237

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 238

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2888&rand=0.17584099737033543
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 239

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):88
                                                                                                                                                                                                                                        Entropy (8bit):4.817052925307969
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:HiQVmzthrp6EkD+CG7u8niQVmzthrp6EkD+CG7/:CQVq3v4+FS2iQVq3v4+FL
                                                                                                                                                                                                                                        MD5:A179A19E8CF6508C2CAD87E75C2E0E46
                                                                                                                                                                                                                                        SHA1:B871B67F030B0C4C483D7C73CCA4D457778A1360
                                                                                                                                                                                                                                        SHA-256:986407D2E0568E6BC2FB548172F56C378DE1FA4D21A09A7808E8E065CC205C6A
                                                                                                                                                                                                                                        SHA-512:20A08E7882A64E2E8065C068B04F4756CC2EEAA364974EE87224CBFFE3BA035DFD38CEE3129F44BC9AE71DA2F91E9C081D26879DB98D8E1E6077B2B2B6B09680
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAno6FrfIhOQNxIFDY3nLPUSEAngyy7BDf5kRxIFDY3nLPUSEAkSDsvm0IRkdRIFDY3nLPUSEAkdWAETn2si3BIFDY3nLPUSEAkW1UiMX0tYVRIFDY3nLPUSEAkqm5nTo5wGtBIFDY3nLPU=?alt=proto
                                                                                                                                                                                                                                        Preview:CgkKBw2N5yz1GgAKCQoHDY3nLPUaAAoJCgcNjecs9RoACgkKBw2N5yz1GgAKCQoHDY3nLPUaAAoJCgcNjecs9RoA

                                                                                                                                                                                                                                        Chrome Cache Entry: 240

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:PNG image data, 273 x 100, 8-bit colormap, non-interlaced
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):2914
                                                                                                                                                                                                                                        Entropy (8bit):7.784385117533677
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:VU6G+hsDi9WLfcNaSSOS5+8kZwnDRddq5Fh2UU8fo4bX6dDbMnA/YYo+CiE7fS:VU6HbkUYATwD05v/fR7QbQAQXprfS
                                                                                                                                                                                                                                        MD5:4E8DA7B8D47BF1A9A4A6DA940E5FA3B6
                                                                                                                                                                                                                                        SHA1:334E0A16D2019906E921C50449ED4B6D1A421602
                                                                                                                                                                                                                                        SHA-256:68BA815ADCA8477C32E5AF551C3CA9A406CF5723CC44D9D46286D9A3C549C113
                                                                                                                                                                                                                                        SHA-512:9A10F0CE5C518F58B7D08EA3C2BFCB4882FD2B79866DF572F828480F8E6F813FEE03D195E71E3592B543E204723C11522DAB0F663DC72AD8F589E64E48A5D704
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:.PNG........IHDR.......d........z....PLTE.................................................................2..o....@..O..}....7.......r.5........<.....d...........v...{.%............-...T.`o.V..X.........s.=..C................-.=..9M.=........V....._.........y./8.8;.My.K..Ms.s...F.S^.IK.\..h......a.-...M.6....-...D.IA.I..?~.@F.H_.EM.H>.H..=e.DU.F[.E..?I.GX.Gw.Bq.BK.HP.Gn.D..6H.G..?a.ER.F|.Bm.B..Bt.By.A..@..?h.D:.Ik.E{.A..:../..;r.Df.Dh.?..;..9..2...:.=....S>.Dv.9..Ix.<}.&.........ua.@.........fD.C0.Bm.;#.6....\L.?p.;z.6...[.nN._E.PZ.>..i.{......_tRNS.........3".g..t B..y ..i...7..%..V<..rF.cJC)..;...(....ig^K........xo`.....zW....}N...D........IDATx...W.A......H.P....$.cz.c@..".h...n4.$..{.bf.#y.....}...~............H*....\..F...Q 0.ua!..D..i.....|..LC.P..td.Y .wT:..A..r.@`.,.Ts.P8.....F.=}w..X..*.<..{m?.0..j{..Y2.Lp.M....u..o.|....3..I:....E.....kmO..J...L...s........+..O...(......."Fr.......8..80.Gw.f..H\.....h.$-Q......r.l....g5.Qj)...

                                                                                                                                                                                                                                        Chrome Cache Entry: 241

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (65447)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):87553
                                                                                                                                                                                                                                        Entropy (8bit):5.262620498676155
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO
                                                                                                                                                                                                                                        MD5:826EB77E86B02AB7724FE3D0141FF87C
                                                                                                                                                                                                                                        SHA1:79CD3587D565AFE290076A8D36C31C305A573D18
                                                                                                                                                                                                                                        SHA-256:CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
                                                                                                                                                                                                                                        SHA-512:FC79FDB76763025DC39FAC045A215FF155EF2F492A0E9640079D6F089FA6218AF2B3AB7C6EAF636827DEE9294E6939A95AB24554E870C976679C25567AD6374C
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
                                                                                                                                                                                                                                        Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                                                                                                                                                                                                        Chrome Cache Entry: 242

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2316
                                                                                                                                                                                                                                        Entropy (8bit):5.408193825994515
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:1OEaNFlOEaNTFZKOEaNZOEaNW3yOEaN3AOEaNgRVc+umOEaN+1N0oD:1OEaNFlOEaNTFZKOEaNZOEaNW3yOEaNw
                                                                                                                                                                                                                                        MD5:DDFFFA73A3AD101DE750962D005D7037
                                                                                                                                                                                                                                        SHA1:4C82D80E86B6562BAF0AB94A56BE20C44B4F6F47
                                                                                                                                                                                                                                        SHA-256:838E680CA964A26C94665951577F3F0902EF54DE2EE063D3465F22945DC44AFA
                                                                                                                                                                                                                                        SHA-512:A0A5A009F97833388DE820832DCF863CF10C3CBB9B062B0CD80AFAB9A15C871F8CF11D31D8DA73986BC31A86A46F70710D35480413948585F56BA3D5D3DFA0AD
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://fonts.googleapis.com/css2?family=Roboto&display=swap
                                                                                                                                                                                                                                        Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s

                                                                                                                                                                                                                                        Chrome Cache Entry: 243

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 244

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 245

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 246

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (65435)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):250825
                                                                                                                                                                                                                                        Entropy (8bit):5.166059085657678
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6144:zGRd+28UZaUkZgwG1ZAIkKDJ3bys5XrHeI0RTR:zG3+2/ZaNZgwG1ZAIkKDJ3bys5XrHeI0
                                                                                                                                                                                                                                        MD5:532409C8AE96C154257149A64C491A4A
                                                                                                                                                                                                                                        SHA1:7F92B666552D020F5DD6D6D60ADCA2333BD3B880
                                                                                                                                                                                                                                        SHA-256:52140A1D26A0C9B898927633B414E00E18366C7DF1654CBDBF522326F2B495C0
                                                                                                                                                                                                                                        SHA-512:9B75AB2610981D7285CA6B539968266F64FCE1E668E25FF75BE6E6F0D4E971178313592709071031253E4D68D5BD85EE67EF544CB2FF8CB9A0BE515579DA4995
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028
                                                                                                                                                                                                                                        Preview:@charset "UTF-8";/*!* Bootstrap v3.3.6 (http://getbootstrap.com).* Copyright 2011-2015 Twitter, Inc..* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*//*!normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css*/html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1e

                                                                                                                                                                                                                                        Chrome Cache Entry: 247

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:assembler source, ASCII text, with very long lines (53369), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):53369
                                                                                                                                                                                                                                        Entropy (8bit):4.94034553427827
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:Tur+pOL+TuF7sm2sJdFVKcIgtCGlnrnTmMPYk+nDgGjn60qcoaHrdHZdJjdaZquL:vpOmu2yURL3mZJ
                                                                                                                                                                                                                                        MD5:B41DE36A7659A91282C0E4E4E0ABBEB9
                                                                                                                                                                                                                                        SHA1:08DE848D7F2B9D1829A82ABD63C616616337D613
                                                                                                                                                                                                                                        SHA-256:F5BDAD0CE87563652C4B13CDD3F20A75101DB52BD69AF52A878D28F5FF6CE0C6
                                                                                                                                                                                                                                        SHA-512:46DFE1CE4B5A382049B0237A87A10CBDF54A322D2692F3E61C0221C571EAB7FBDD148E69CEAB5FB6FA632D63F867B581BCC37F3A6208653FA707D376AC5B31D3
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/redux-framework/redux-core/assets/css/extendify-utilities.css?ver=4.4.15
                                                                                                                                                                                                                                        Preview:.text-stroke,.text-stroke--primary,.text-stroke--secondary{-webkit-text-stroke-width:var(--wp--custom--typography--text-stroke-width,2px)!important}.ext-absolute{position:absolute!important}.bring-to-front,.ext .wp-block-image,.ext-relative{position:relative!important}.ext-top-base{top:var(--wp--style--block-gap,1.75rem)!important}.ext-top-lg{top:var(--extendify--spacing--large,3rem)!important}.ext--top-base{top:calc(var(--wp--style--block-gap,1.75rem) * -1)!important}.ext--top-lg{top:calc(var(--extendify--spacing--large,3rem) * -1)!important}.ext-right-base{right:var(--wp--style--block-gap,1.75rem)!important}.ext-right-lg{right:var(--extendify--spacing--large,3rem)!important}.ext--right-base{right:calc(var(--wp--style--block-gap,1.75rem) * -1)!important}.ext--right-lg{right:calc(var(--extendify--spacing--large,3rem) * -1)!important}.ext-bottom-base{bottom:var(--wp--style--block-gap,1.75rem)!important}.ext-bottom-lg{bottom:var(--extendify--spacing--large,3rem)!important}.ext--bottom-ba

                                                                                                                                                                                                                                        Chrome Cache Entry: 248

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2620&rand=0.6121610810402847
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 249

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (526), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):526
                                                                                                                                                                                                                                        Entropy (8bit):4.844995662196588
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:12:c4GJ0k2lvgyT6d1uOMXUZsCxYADLsdfPw3CgrR5jddeU7nu:c5D2BtT67uOMXUZjxYOLsOCgrN80u
                                                                                                                                                                                                                                        MD5:D96C709017743C0759CF3853D1806BA5
                                                                                                                                                                                                                                        SHA1:72E21587610C49C8305A55E71F73FA88ED618205
                                                                                                                                                                                                                                        SHA-256:BA2338AA6670580269C762F51C4291DAEF913201AA8F4D4FD166C1A878262652
                                                                                                                                                                                                                                        SHA-512:974E260ED8BD1D99628FC3248F07179F6EA228E37A6B9D3EF906DBA57571F2DF54D73F93D1F3460902D28A90BD4793BCA35477B2EF8FBF424B9112147F04BCCF
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
                                                                                                                                                                                                                                        Preview:!function(){"use strict";var e="https://m.stripe.network",n=window.location.hash,t=/preview=true/.test(n)?"inner-preview.html":"inner.html",o=document.createElement("iframe");o.src="".concat(e,"/").concat(t).concat(n);var i=function(n){if(n.origin===e){var t=window.opener||window.parent||window;if(!t)return;t.postMessage(n.data,"*")}else o.contentWindow.postMessage(n.data,"*")};window.addEventListener?window.addEventListener("message",i,!1):window.attachEvent("onMessage",i),document.body&&document.body.appendChild(o)}();

                                                                                                                                                                                                                                        Chrome Cache Entry: 250

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (20538)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):20757
                                                                                                                                                                                                                                        Entropy (8bit):5.25041304835653
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:2ecIpaRa7LJom2xdeuxOqjHxehwRUsOFzDlMa+jSa54ZEbq:2ecIp/7LJom2xdeuLHkhAUsOFzDlMa++
                                                                                                                                                                                                                                        MD5:F905907E6908BA3646D8FB7E41484531
                                                                                                                                                                                                                                        SHA1:B5DAC8702B02FF2015EFFDF26CC2781C5C134ED3
                                                                                                                                                                                                                                        SHA-256:C30B6D9818F986DA2367E411CEBF9AA5BF2EB3580A1BF3ACB573F9481F0DE5AB
                                                                                                                                                                                                                                        SHA-512:D866D49F73F5242A1EAEF9C80110FAB90C757398905C06014CE8262D77F74242A5877FC562FC6D8625B790EC513DB7E807565DBE69BF7A835E0A311078D129C8
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6
                                                                                                                                                                                                                                        Preview:/*!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2024 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */..// jscs:disable.// jshint ignore: start..document.documentElement.className+=" js_active ",document.documentElement.className+="ontouchstart"in document.documentElement?" vc_mobile ":" vc_desktop ",function(){for(var prefix=["-webkit-","-moz-","-ms-","-o-",""],i=0;i<prefix.length;i++)prefix[i]+"transform"in document.documentElement.style&&(document.documentElement.className+=" vc_transform ")}(),function($){"function"!=typeof window.vc_js&&(window.vc_js=function(){"use strict";vc_toggleBehaviour(),vc_tabsBehaviour(),vc_accordionBehaviour(),vc_teaserGrid(),vc_carouselBehaviour(),vc_slidersBehaviour(),vc_prettyPhoto(),vc_pinterest(),vc_progress_bar(),vc_plugin_flexslider(),vc_gridBehaviour(),vc_rowBehaviour(),vc_prepareHoverBox(),vc_googleMapsPointer(),vc_ttaActivation(),vc_ttaToggleBehaviour(),jQuery(document).t

                                                                                                                                                                                                                                        Chrome Cache Entry: 251

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 252

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):66624
                                                                                                                                                                                                                                        Entropy (8bit):7.996443365254666
                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                        SSDEEP:1536:P7P0ehdxE792JHJ2qrz+MoCpeUtsG9eDeh9Zw+ZyqJ:PPlYw1re8Lsqh7MqJ
                                                                                                                                                                                                                                        MD5:DB812D8A70A4E88E888744C1C9A27E89
                                                                                                                                                                                                                                        SHA1:638C652D623280A58144F93E7B552C66D1667A11
                                                                                                                                                                                                                                        SHA-256:FF82AEED6B9BB6701696C84D1B223D2E682EB78C89117A438CE6CFEA8C498995
                                                                                                                                                                                                                                        SHA-512:17222F02957B3335849E3FE277B17C21C4AAF0C76CD3DA01A4CA39C035629695D29645913865B78E097066492F9CEE5618AF5159560363D2723BED7C3B9CF2A8
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0
                                                                                                                                                                                                                                        Preview:wOF2.......@......*.............................?FFTM.. .`..r........5.6.$........ ..... ?webf.[.....@...nC....t.TL...f...t....q...5....?=i.l..\.vl ..T...b.... .1.f..7.T.Q....D.;:...1.l.jv..e....n..E....k5>.d.7Q.l..Ba....u.x].......W.C....$.8.v#..y`..F..1aM.8.....w.=|'..0..T|..2/..M.%.b.. .tY$!.....5cb.....(.&.-A/mY......./y..o\........Z=.....5c.k._.n3...(W.........Nag+.....O.R.'...5...=?....m...L......:..*._V...........z+zc.1`..Q#j.../.Z0...-..F..i.b.F"2.<EE...;.."u?..........R.Z.HR..D...x.Y,.5.Tt.vb...e..YN..sFND+........1.......`.....D.(.&6baP6(.....X.6gNW.6k..9]..v......$Cf.v.v..x@..-J.`G...w..w[..A.......4.msI>....i.......p..F(2b....~H.]J.]..j....F.f-~.@......gg.B.-..Tx.%..pU.u..me....'........;...@7..t.=pN....../_.U8.....r....s...X=g....H........j..c....d._1l:1i..I..T.r..>.....v{Gb...T1*...f.-.x.-i..{..1..h...>..(..3.3..!.$.:.....j.~....:ugv.......%.....?...d..5+......fU.z...X.X.<.c%@fBHO.8.....i..G...{...[..M#.FZk."_.'.n{.

                                                                                                                                                                                                                                        Chrome Cache Entry: 253

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2550
                                                                                                                                                                                                                                        Entropy (8bit):7.902095624622937
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:zf/k5ek6HGzl0PfBq2QyFFmNkppdh0AYlZYiEsHNhq1XtoLZqSVkaVkL:LzmZ0kp26AAYPsHNhatOqSCaVq
                                                                                                                                                                                                                                        MD5:6CD06EAE151515BF506BE1EE105DC896
                                                                                                                                                                                                                                        SHA1:AA1B8F9103262CE6BE28AF74F98D012EC15675AA
                                                                                                                                                                                                                                        SHA-256:803FC07EFA4857073983BE545921C834451FA82C7CACC18C813112248A8BFD32
                                                                                                                                                                                                                                        SHA-512:D370ACA0F1AA5952A1DB5854934BC84A44BBB44F9469F16A66E37C96D666FFCFD0C4E54AEBC48358178C3C12CA039C85B1D41D62ED11E0C57A2F554AAE51F278
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/uploads/bitsum_logo_transparent.png
                                                                                                                                                                                                                                        Preview:RIFF....WEBPVP8L..../......9.$I...T./.O...T.ml.......O3.tA....K.l.V.}m.y.w.x...[..j..R...0..).A..@#D.RwRz......@Co..H .?.@.....P@.? ...h..... ...( ....._..4.@..........Z.].^}.o.....?.pJuW..kSL$..z..WN%W......Z.n...Ft.&W#..."..GJtF..]..oK....=..d...<...fGC[.v...*e.#.- ..j....A.F..@.C.T...*.)..@B.cE@-.@P).0Ce.i.,D.......).t..Y..Q........m4..3LC..{...[.J..E...h...:.<..H8.Q.j`H...q..Wf\.....j .....Qrj.oZ....K.......`n.....5..}$..%............6...m..?..P....4.9....M#.....NaJ.....`.q.a.].....e.6........?..O.$..6..ef.1....^........./......{g....=-....Z......M-.\.R4;..[.....b...[.-I.b...z,-....cS...`..../..W.?.4....A..w.|9bG-.g_......./.a......_......{........}.?9'.....e.l[Z.c..+......!.$.vC.8=.....]...35Qr..1$S..L/V.`u.j=[.<.!1;..h..+..u...L.[.....=...d..`D`|....V.....D....@....l[..S.o.:v..+}...............O.F..5...........^pdQ.iB..7....Q..G..<".Y.{.?J?..^V..O..m.....O~..#l8..s..CM..Yl.(.L.)...|...G).?z........g.(.Xs.{.#..)

                                                                                                                                                                                                                                        Chrome Cache Entry: 254

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):262
                                                                                                                                                                                                                                        Entropy (8bit):4.4960399456471905
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:6:45HisLgCRoBH1FAZnRIw0ERI8f+J04tRIDJalUL/RIxX7lUn:4YbZbFcRa4Lf+68QJalULZArlUn
                                                                                                                                                                                                                                        MD5:453FFE65DF6E2070B9296A78F95A3650
                                                                                                                                                                                                                                        SHA1:DB04647677FE923593AEB07A1FBC3B08FE89BEB0
                                                                                                                                                                                                                                        SHA-256:73468C302903216E3DF5BEBDF1B2801D3B5E4E59858E5F757BBACD013DB62C26
                                                                                                                                                                                                                                        SHA-512:9C8FEC9D29681B7D1CC85B0175A80F0D28A49A24008538D7E3BD60A60019E2FBB9BBD3226EEC983038A808EDFF4FCAC256DA3DC253258C3D863B1414A71E3907
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:.edd-price-row{text-align:center;font-size:1.2em;line-height:1.2em}.edd-price-heading{text-align:center}.edd-checkout-strikethrough-price{text-decoration:line-through;color:red}.edd-checkout-sale-price{font-weight:700}.edd-checkout-regular-price{font-weight:700}

                                                                                                                                                                                                                                        Chrome Cache Entry: 255

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3229&rand=0.6605735035558935
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 256

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 257

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 258

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):75760
                                                                                                                                                                                                                                        Entropy (8bit):7.997151326002779
                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                        SSDEEP:1536:eDCuynfMqYjuMdpP1pYdx/Ox3QCm5Ryt4nDcr1hPbvPX/1fD:OWnfUj5XtpYdh8CR/QPbZ
                                                                                                                                                                                                                                        MD5:832F6E62AAF3909D6B94C8A9C1E4DD51
                                                                                                                                                                                                                                        SHA1:4A06418CB56A66AF5A1C0F59791469DEA1DC87FA
                                                                                                                                                                                                                                        SHA-256:8556FD48CF33CA3028E3FFF4042979F224987EE317CC9032DD5BBA996B363009
                                                                                                                                                                                                                                        SHA-512:6DDCD01A3C660F62049415C24C76492D2AC99AF465E09BD26C426B2A3C1B66878381CB9A7F2D50FA56B7BA1BAA2BE64558C7723F3C20D575A3FCB32E120C147A
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
                                                                                                                                                                                                                                        Preview:wOF2......'...........'..J.|....................?FFTM....`.............6.$........ ..+..j[]T.B..o.*....O#K..n....J.K......pG............./....i.v6f:.`.A.O)....xE+(c.eJ.;....+....H..)...4..s........"#"#"#"\..^...F....'..NdDdDd..z6K......i6"229...V[..Nxa..Q..k..w.g..oVp;....n..S.3..<3A...7".KTb....QA.d...,l-.(.]..f7..../p3.B.2...x..x .u....E[.)..`._..KGo....B..q..sG.*~..W.....9M8...M..0...1~.&.....}........D....5}.....`...X!.i7..Sc.&$+.~.y.w.B...........J..%.d..Rh...U......%Kl.N........q....%r...P.P.F...P..C4..j.......3....f...6.a.>...<+.a...|.ox~n....`.6..........T6jCDI..f2.@1....;0.=..;=.Q.NO/.........p...-..3..8.P.....3...4..[...m....K..#..8...\-.....'........c,F.....m....R....,..6..=...L..*.U.....sj.K.N7yhh...........6.....bcm..9.XV`.2...&m.d.l....}-..R....d....;}...i...2.J....<...o..u.Mo.?.d-.."..I.l~*.......@.....G O40....b!...{.nWv....../..HvfT...[.#.....Vj.l.=..d.8.d....pu/E;.J....2.K.P^9D"..P..... ..T....vU3.V..m..!.d.....b...

                                                                                                                                                                                                                                        Chrome Cache Entry: 259

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (671)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):3792
                                                                                                                                                                                                                                        Entropy (8bit):5.051596494727918
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:gCNS6tfLzY3YpdedPCLz6LzozFdRSrgBYY5cloCF/PZ:LSquPc4EFdorGz5HCF/PZ
                                                                                                                                                                                                                                        MD5:0681B249CF31FF48067CA31579C6A6C4
                                                                                                                                                                                                                                        SHA1:FBBA098627C36520DCF06152C55C95598F851EFF
                                                                                                                                                                                                                                        SHA-256:9FF821BF6AC0AC60E2E1E27F9658F27FCC593421E80BAB5CD60486700D267B06
                                                                                                                                                                                                                                        SHA-512:9F4070CBEEF57B70DB8D2F8154F9D989D5EE2B175FC1386FC4862AC75F132239947D95C789EF56337246A80024FD4897CC7E3107E18DBF8EDCA4A0CCC31AB36F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2
                                                                                                                                                                                                                                        Preview:(function($){window.NggPaginatedGallery=function(displayed_gallery_id,container){this.displayed_gallery_id=displayed_gallery_id;this.container=$(container);this.container_name=container;this.get_displayed_gallery_obj=function(){var index='gallery_'+this.displayed_gallery_id;if(typeof(window.galleries[index])=='undefined'){return false;}else{return window.galleries[index];}};this.enable_ajax_pagination=function(){var self=this;$('body').on('click','a.ngg-browser-prev, a.ngg-browser-next',function(event){var skip=true;$(this).parents(container).each(function(){if($(this).data('nextgen-gallery-id')!=self.displayed_gallery_id){return true;}.skip=false;});if(!skip){event.preventDefault();}else{return;}.window['ngg_ajax_operaton_count']++;$('body, a').css('cursor','wait');$.get({url:$(this).attr('href'),headers:{'X-NGG-Pagination-Request':true},success:function(response){window['ngg_ajax_operaton_count']--;if(window['ngg_ajax_operaton_count']<=0){window['ngg_ajax_operaton_count']=0;$('body,

                                                                                                                                                                                                                                        Chrome Cache Entry: 260

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):223
                                                                                                                                                                                                                                        Entropy (8bit):4.544186889788819
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:4BmWM+PL9FLC0A2ImW1XFptVXMfAIx3BZEXN6D+4RIJxcEIrgB7N9TELe3KMs5DV:4u+5Bs1H9iAYLZRI0hcBZ9538NWYn
                                                                                                                                                                                                                                        MD5:D8084F85E088D323ADEDD37B9D4EFCD9
                                                                                                                                                                                                                                        SHA1:9ED5D2385C0E02C7A7650F26FE7CE6FEEE2EA289
                                                                                                                                                                                                                                        SHA-256:D081313013951F86B13F50BE1C70C0D0C0C81F28F9E32BCB01525B47AC48575B
                                                                                                                                                                                                                                        SHA-512:42A8ED466478C677003D93F8E95206448126933CDBDD198DAE77967CAE48BBBD8FE5260657AE20061C960900B79E9178C408AE3672360D873B36AB13C3EBEAC3
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3
                                                                                                                                                                                                                                        Preview:.eddr-notice{margin:0;text-align:center}.eddr-notice.variable-prices{text-align:left}.eddr-cart-item-notice{text-align:left;font-size:.75em}.edd-recurring-failed-list span{display:block;padding-left:15px;padding-bottom:5px}

                                                                                                                                                                                                                                        Chrome Cache Entry: 261

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (19287), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):19287
                                                                                                                                                                                                                                        Entropy (8bit):5.054657947098267
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:3ir8EkKztbyVcJn+2fGZ4loPL7WkCO2Q3k7TbjxVN3drFzqizLS1ND2uejYn9+wm:SoyB7kOk32Ak7vrxNHSbD2uekm
                                                                                                                                                                                                                                        MD5:B0F37BBFC27CBBBCD0750A7E4754B95B
                                                                                                                                                                                                                                        SHA1:E89C86712D27144DDA947B3EFEDB313D6D4BE6C1
                                                                                                                                                                                                                                        SHA-256:F7694FD04A2A0F7DE560B7C43808AB767EB2672A733AA0A3FD752DD11F3DA515
                                                                                                                                                                                                                                        SHA-512:D02BE8637C27652C152FD3AFD387DD47AE0D495293A321073B3E4DC3CBA3D14070221D58EE9A87627290262522E55200557A0A7F38FBD88905B18807FB3D52AE
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.11
                                                                                                                                                                                                                                        Preview:.edd-icon{display:inline-block;fill:currentColor;position:relative;vertical-align:middle}.edd-icon-spin{display:inline-block;animation:edd-icon-spin 2s linear infinite}@keyframes edd-icon-spin{0%{transform:rotate(0deg)}to{transform:rotate(359deg)}}.edd_clearfix:after{display:block;visibility:hidden;float:none;clear:both;text-indent:-9999px;content:"."}#edd_checkout_cart{text-align:left;width:100%;border:none;margin:0 0 21px;table-layout:auto}#edd_checkout_cart td,#edd_checkout_cart th{text-align:left;border:1px solid #eee;color:#666;padding:.5em 1.387em}#edd_checkout_cart .edd_cart_header_row th{background:#fafafa;padding:1.387em}#edd_checkout_cart .edd_cart_discount_row th,#edd_checkout_cart .edd_cart_tax_row th{background:none}#edd_checkout_cart th{font-weight:700}#edd_checkout_cart td{line-height:25px;vertical-align:middle;background:#fff}#edd_checkout_cart td.edd_cart_actions,#edd_checkout_cart td:last-child,#edd_checkout_cart th.edd_cart_actions,#edd_checkout_cart th.edd_cart_tota

                                                                                                                                                                                                                                        Chrome Cache Entry: 262

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 18184, version 1.6554
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):18184
                                                                                                                                                                                                                                        Entropy (8bit):7.987574142019396
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:ekfdLuYFTBIMiTuMxbJFg74a4u5tzIIr4jNCaUtBCxA:tfRLTBBiTucbJK74M6TA
                                                                                                                                                                                                                                        MD5:376A5E0F2578FB88032F23BA4AA39D50
                                                                                                                                                                                                                                        SHA1:8B84A6E3D50BD3CF71EC681368CE09036EE701C1
                                                                                                                                                                                                                                        SHA-256:353A97D84D431E45961A61AF8873B17B7F584FAEC6AC10B7474A14853BBC84EB
                                                                                                                                                                                                                                        SHA-512:78B2A0184931D0BFF179679B0ABBCDDC8BE70C4DB0156486DBA96B23BF50883A73D6AEC21E09347CCC47D018526F3538959EAFDAD0C8AE59CAAF076E1829CB1C
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/fonts/open-sans/opensans-light-webfont.woff2
                                                                                                                                                                                                                                        Preview:wOF2......G...........F.........................?FFTM.. .....(.`..Z.8..e.....t..;.6.$..&..V.. ..2..e../?webf.......r;@..o.g2.M..p-..D.vB ..{...F..1.=z..*e..F.2k.R4,....&..Ka.!DP..e.jq%..e|......>.,EHa...e_.v.Jq...z..EA.........Aw|8.Z.%p.Z.;.ko..kZ.....hj...S.z-.|.&..\..u.....o!..p...T.60.7@.......3{".F.R.". ....Q3.j..u|m..?m.]J...B..&....b=..j.w^TfUw.3g....0.I80............t....3R.}..\..?...(.G..6V..p.@..-.>....j...]*.....&......]v..{.@if+7..........J.Fc@h./.\}.'..\$.D&......{.....2....5Ab..NN.. ....U...x.........}.?.l...Gm...&....oH..jF\.(.k................IG4.t..]...a..M.........S.j..Di ....R.W4.l_*..83.......%......$e.I..d.A.t...).J.a.K...T4..Xv~[.G.5}.^.2%..L....P$.....4..~(.VYP&..R.d...[.....B.T...B.....e....@...../.W....r.._!L..m...4m6/x.@..U.}./^k.....y.$H..R...mr.,X.:q}m~?.GFc.n..lQ....8..w.S{.i..p[P.XF...y.......^..^.s...........X~H....d..M?..Np.}}1..W.G.:g^.....;......4.3.....s..f..<.Lb..j.Iv......7}.G....m0..>3..._x.6.?..zT.u

                                                                                                                                                                                                                                        Chrome Cache Entry: 263

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:PC bitmap, Windows 3.x format, 48 x 48 x 24, image size 6912, resolution 9449 x 9449 px/m, cbSize 6966, bits offset 54
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):6966
                                                                                                                                                                                                                                        Entropy (8bit):4.755735232059843
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:3y7OJpqOMHZmO/w6oG4RPr2M9Ie7RKv6UY+nc:3yepdM5H/wZT2M+e7gv6UY+nc
                                                                                                                                                                                                                                        MD5:E97C27D1C2142F1276F319A87B466484
                                                                                                                                                                                                                                        SHA1:43ECEEF6D1269A1EE51C0914B7F3F303C7D8E9E7
                                                                                                                                                                                                                                        SHA-256:A53A853591D9E14FC0C99103518EDA928B0FCCB3F4C923689C628C71CDCD3C2D
                                                                                                                                                                                                                                        SHA-512:D9E984B4AB6688B7049632089AF8CE986911C463B28229759474F2D82007CB06054D1BCF5BD9306276194A9243C7449500DC6926DE9FC59E00404B5CD0F9C735
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:BM6.......6...(...0...0................$...$.............................................................................................................................................................................................................u.P..?.w<.p=.m=.i=.h=.j=.l<.q<.xG..j................................................................................................X.=.v=.k=.a>.[>.W>.T>.S>.Q>.O>.Q>.S>.U>.Y=.`=.h<.s=.~q................................................................................A.|=.k=.b>.[>.V>.R>.Q>.P?.N?.M?.L?.K?.K?.M?.O>.Q>.R>.V>.^=.g<.s?..........................................................................C.~=.j=.`>.Z>.Y>.U>.T>.R>.Q>.Q>.Q>.P>.P?.O?.N>.P>.Q>.Q>.Q>.T>.X>.\=.c=.n;.|..............................................................k.<.p=.e=.`>.[>.Y>.W>.U>.S>.R>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q9.K7.J7.L7.O7.Q7.V=.e=.n<.~.........................................................X.=.m=.e=.`>.\>.Y>.W>.V>.T>.S>.R>.Q>.Q>.R>.R>.R>.Q>.Q>

                                                                                                                                                                                                                                        Chrome Cache Entry: 264

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1746), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):1746
                                                                                                                                                                                                                                        Entropy (8bit):4.71476640254322
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24:R9qZyXByePGUFEe59EyHLtQ/r9ETQjEJxBH/qy0bDwD5qdvmAJ6l7IUk5IeI3:mqP75ZLt/TQoJ3yy0DwDeOs6lBp
                                                                                                                                                                                                                                        MD5:0DB6DD5189171156E3A37D1C6CA962CD
                                                                                                                                                                                                                                        SHA1:55DD9143464ACD418091C6FB48E17B69963DEFBD
                                                                                                                                                                                                                                        SHA-256:6456DC825E5AA2E6FFE4EAF425BA95ACE10639ADBAAA9BE64029CB7E19581756
                                                                                                                                                                                                                                        SHA-512:B82B3494043D92C65FBCFBFB373D48938FF9BE8C5A073337A52CCA3EDD2444510BD76CBE618C63BC1F674A405AE16B86F55B32DEC7670FBF449B9F4A0B3171B7
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11
                                                                                                                                                                                                                                        Preview:.edd-sl-active{color:green}.edd-sl-inactive{color:gray}.edd-sl-expired{color:#dc3232}.edd_sl_license_row .view-key-wrapper{position:relative}.edd_sl_license_row input.edd_sl_license_key{border:none;cursor:pointer;display:block;margin:8px 0 0;outline:none;padding:0;width:100%}.edd_sl_license_row span.edd_sl_license_key{background:#f0f0f0;border:1px solid #ddd;display:none;left:0;max-width:inherit;padding:4px;position:absolute;text-align:center;top:30px;width:20em;z-index:999}.edd-sl-child-licenses{margin-bottom:0;margin-top:8px;width:auto}.edd-sl-child-licenses .edd_sl_license_key{margin-top:0}.edd-sl-child{margin-bottom:8px}.edd_sl_license_row .edd-sl-child span{display:block}#edd_checkout_form_wrap fieldset#edd_sl_renewal_fields{background:#fafafa;border:1px solid #eee;padding:1.387em}#edd_checkout_form_wrap #edd-license-key-container-wrap{padding:0 0 1em}#edd-cancel-license-renewal{border-color:transparent;font-weight:400;margin:0;outline:none;padding:0;vertical-align:middle}#edd-can

                                                                                                                                                                                                                                        Chrome Cache Entry: 265

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:PNG image data, 300 x 261, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):12720
                                                                                                                                                                                                                                        Entropy (8bit):7.9617693380694
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:QW6O9NIP2QpocbBQyVt1iNOkbc2EQxqAt6P9olhMWf1QOU9tN1kWwKt:Qi9NfUaK0cGxqiIWdQztzt
                                                                                                                                                                                                                                        MD5:82518080AB53E112882782D78006C2D0
                                                                                                                                                                                                                                        SHA1:E21CF56383682C7BFEDB9871030949A1221606EF
                                                                                                                                                                                                                                        SHA-256:729125074C56DD42DF6629CA94FA6D6B714354C2C03FFEE9D1E458438597EF70
                                                                                                                                                                                                                                        SHA-512:E3F2B27EC07403BB05E98176CCEBC689C719C8B074187BCF864B659CE215DDBFD68E09374392036B88A5B108825F1E98798ACA09317CFEEB667613DEB3C29194
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:.PNG........IHDR...,...............1wIDATx...=K.Q...+$....O..`.A:8(...n..B]...Rp.W...p.&R.. ..*.B. t+:fp..C.H..A..N.PPb..5...DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDz.P .......\.#....,..e.M.)3.D.|.-....+.].<+.a.m.t-..2.$..6..m.[.U...Vi...........u./.Q.F....S.a.S......w."..,.C....;..<..O..d....XP....P....2......s6x......u..+...C..H-vYf.]Z.}.G.....;)....%.K....c<..)F.s....|.)c..I..... ...H...F.....hD.*E....'..Q.l.g...V..]s-J./..f..M.Q'..!.I1..|b../..`7......y>r.a..3.70.1...7.0M.i...n....c.6.8.../.$!Uh...trRp..............:.......U."(.A.%]."..t..pBh..B....!\ML.y.}.....w)=RX1..G.E.s=1\w..Y..kS..63V..5.......8../.w..(-..G;...'...,..&.5m....L.......C..Y.......u.....I........Q...1...$A.Q..z...p9.Z4.....8......`.a.i.t.l|.|.^;8.Z.W@.Y....[.2..[.R.&.9e......uP{. ) .;n.@>..RZ.zt...=M.B.-/....!..P..e...{.=...."z4.%...I.......tR.v4....F_.U......e.V.....A.z..F4...UO...0\v.W.-..J.*..$IS.6.I......d.....>..".Fjc.U.\...dYe.6.X.E..}...W..l..i.l...T.....}.W..P..G...A.qB.

                                                                                                                                                                                                                                        Chrome Cache Entry: 266

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (55739)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):55921
                                                                                                                                                                                                                                        Entropy (8bit):4.703436221015448
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:768:VOC31sPizPq4/vBUAUHJUkQdR/WMQyYJrX75CsmZQzF:VOTPUC4/pMHGBdcfd7ssjR
                                                                                                                                                                                                                                        MD5:EDB3AB99460ADF2F03504C783F87446E
                                                                                                                                                                                                                                        SHA1:8EF32EF156F9A608919BA9C6B3CDEB32D098C82B
                                                                                                                                                                                                                                        SHA-256:96AAAB9A34711F1BEEF1C63071B992A7F3CB17654956CC09859D7A4DC71AB1F3
                                                                                                                                                                                                                                        SHA-512:11ACA8C2F579CD0D08A67687BF9340DAD3FFB61AEBE0F6BCE908A61A3EE6FF27E901AED068499E3F953E8AEF4C036424EA9DEEE32EAE32FE1116AED28835ADDE
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                                        Preview:/*!. * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:solid .08em #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pul

                                                                                                                                                                                                                                        Chrome Cache Entry: 267

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):75368
                                                                                                                                                                                                                                        Entropy (8bit):7.9963062622222125
                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                        SSDEEP:1536:3votzoJ1K9hFGhTaNK2T2Ihn/KqymF7nTDAYbbaufVZZXyme0kml695:Q81EakQ2T2Ih/bjcY/aCZXvj6z
                                                                                                                                                                                                                                        MD5:859C4002D9954718CAC1DDEA5555698F
                                                                                                                                                                                                                                        SHA1:2392CE297C92BCF2C7D5A4C461A582DADC8039C8
                                                                                                                                                                                                                                        SHA-256:5054AB369966FEA3657AC6AF00C3BC47BDC9E7B5114E61D1764BE06213CA9781
                                                                                                                                                                                                                                        SHA-512:83CA3CB14DF9D05E3AB2A45042524733790977E5E1DF9A47DD52394D4E209DA643728AB47CCEBB56C1F9AD85501CF074CEB0F2CC5AE3F6AC6A81D967590D13BF
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
                                                                                                                                                                                                                                        Preview:wOF2......&h.......(..&..J.|....................?FFTM....`..2.....l..v.6.$..P..j.. .....G[.q'.@v...V..22....4.d..Sn.....:l..f..........c.&l....a.UU..Y..4... l.)...P3..I.a..Z..1c.}..h.u...0Y......b.b6l...l..a..fQ....._...........I....W.7em.s........!...M.....v.m..[..p..uuC..f..'..[>..xl(.E.GTh....qj....O...?...e.a2.eR.3..5._..2..M....cYaS.{.FG......%..L.....m..$...J..U.........u.L..f.y5.F....>....MU..n.(C]...._...~...Q....-.%%.........AE..s.b.b F..nsC7.v....S{?..E..`\((....mm.b.n.@.|..p.~.}..U{|`.....O..d.Iz)...q.p...@...d..0..a.,B.. ..iI.9=c.g..ky..p...D....o.{ll..8.zi]4.97.:`(+T.4.......g..l1..;..a..Z..7+#..r..<&...rq..v.y..-iw.#J..22@..gh....e%!...!..<D...wI^)..J.0.k..H.@b......x.m..l.X2..........O6....^h.i....(..Z.....%...G.D4...v&MC...Iw.... ..L........?..A.Z@.....&v&P..h|....*..#.....K.G..LK.X`LF#C..w.r.v..i.......*r....GL.".........C{,K2...MnOB.ui..?...y.|..P 0.K...eq..l.\8..........I..C..J.f.....Y...|.$..>W\...#.2...

                                                                                                                                                                                                                                        Chrome Cache Entry: 268

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (59701)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):113381
                                                                                                                                                                                                                                        Entropy (8bit):4.921824878665509
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:1536:MZeJKfZdlk2u5SOV+UQ37410kxJdPfrF3Ps:MZeJMTk2u5SOV+UQ37410kTd3Z3Ps
                                                                                                                                                                                                                                        MD5:51A8390B47AA0582CF2D9C96C5ADDEE2
                                                                                                                                                                                                                                        SHA1:B16A640874025D085C38119A1A02A3460F83F2DE
                                                                                                                                                                                                                                        SHA-256:98CECF88A23542FA047CE46EEDB650B5C5128761ED4386C0977B847094DDFA20
                                                                                                                                                                                                                                        SHA-512:711162AB43E59E0FF5F050CCA4278682194248A13EF2EE1F00AB276B6221E7A4DDDEB9645E8798E7F67A34F0001C8F63469F2B2C3E6D4E2519ADA30B6775E191
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-block-audio{box-sizing:border-box}.wp-block-audio figcaption{margin-bottom:1em;margin-top:.5em}.wp-block-audio audio{min-width:300px;width:100%}.wp-block-button__link{box-sizing:border-box;cursor:pointer;display:inline-block;text-align:center;word-break:break-word}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100%}.wp-bl

                                                                                                                                                                                                                                        Chrome Cache Entry: 269

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):112
                                                                                                                                                                                                                                        Entropy (8bit):6.0950831585681575
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:Y1Zre1oAaf9Lo/btr68sKY5BylhuP11tF3X9W5yz:uZ2oiTZKKY6uP1ntlz
                                                                                                                                                                                                                                        MD5:D263938B2B3E1621BC75ED202E7ED580
                                                                                                                                                                                                                                        SHA1:EBABEF89B77B1C46FAF875C760F2A9721545CA31
                                                                                                                                                                                                                                        SHA-256:EB3699DBD82C75BCCDC99273BD893A3C3DB1B5111C15C0CA002AF463BC762788
                                                                                                                                                                                                                                        SHA-512:B27820ABFC7AD2A26792C8BD4F275914EDFC18F6E9DF7A42A6FC246146A9EC157D508EB71306DD393D7C190525490E1B589B03F3725B6057E5F866758023DD63
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/img/pricing-line.png
                                                                                                                                                                                                                                        Preview:RIFFh...WEBPVP8L\.../..........CD...6m#.Z.....'...m. ......p..z..l..W.ppD4.`.E......# (rG.e........mke......

                                                                                                                                                                                                                                        Chrome Cache Entry: 270

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1769), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):1769
                                                                                                                                                                                                                                        Entropy (8bit):5.024508198384572
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:0f321ezZRHm6ivYFqdtkHA2HGa2cIE62UYXcZ5xCQ5h5kIF:0f321Qnm6iipg2V2z9zY2
                                                                                                                                                                                                                                        MD5:D0B8782045CFA4462AC7B9D42AC16206
                                                                                                                                                                                                                                        SHA1:D9C822D53C2EB6A3296D40AF31F57E47B4BD2C20
                                                                                                                                                                                                                                        SHA-256:D565603114E33EC4E10B3837BEC54E36EC89CE67BE60D574E72E1D695F631EED
                                                                                                                                                                                                                                        SHA-512:842B649BF0DCB84CA61FCC643E858598A42AC8F006067C776E8A0ECF1D47554D9E25B0B554713AA32C041FCC4B79357DCC74EA53F55CCAB0F8A45D1BD41B561D
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7
                                                                                                                                                                                                                                        Preview:!function(n){n(".tml").on("submit",'form[data-ajax="1"]',function(a){var e=n(this),s=e.find(":input"),t=e.find(":submit"),r=n(a.delegateTarget).find(".tml-alerts");a.preventDefault(),r.empty(),s.prop("readonly",!0),t.prop("disabled",!0),n.ajax({data:e.serialize()+"&ajax=1",method:e.attr("method")||"get",url:e.attr("action")}).always(function(){s.prop("readonly",!1),t.prop("disabled",!1)}).done(function(a){a.success?a.data.refresh?location.reload(!0):a.data.redirect?location.href=a.data.redirect:a.data.notice&&r.hide().html(a.data.notice).fadeIn():r.hide().html(a.data.errors).fadeIn()}).fail(function(a,e,s){a.responseJSON.data.errors&&r.hide().html(a.responseJSON.data.errors).fadeIn()})})}(jQuery),function(s){s(function(){var a,e;if(themeMyLogin.action)switch(a=s("#user_login"),themeMyLogin.action){case"activate":(e=s("#key")).length&&e.focus();break;case"lostpassword":case"retrievepassword":case"register":a.focus();break;case"resetpass":case"rp":s("#pass1").focus();break;case"login":-1

                                                                                                                                                                                                                                        Chrome Cache Entry: 271

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (34217)
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):34399
                                                                                                                                                                                                                                        Entropy (8bit):4.8846438367170535
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:192:WP6cb0bcx4cgVU92oIGDE8Kcsy1KsF7ndtgMn+I1zTV3c8jevMykD:Vczx4cgVfLGDEbK1J7nd71tXjevMyw
                                                                                                                                                                                                                                        MD5:FFB96099720DDE6483D7CAB290C543EE
                                                                                                                                                                                                                                        SHA1:1A6ECE8EEE36923D795CDF78674B47E7F1B8E94F
                                                                                                                                                                                                                                        SHA-256:CDFDF586F38CFB19C6264343CC6A64ADCE7FF0961834E96A2F912F01DC29E3F0
                                                                                                                                                                                                                                        SHA-512:2DD72F92CCDDE1AA2CD10F9A0FB05F29C67DBF3CE48374A2122DCDF514B2C48895B2CE1A6A8A246B2EA0F37FCE8CFE8C7221EAD3309DF3E9B61227428D23857F
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6
                                                                                                                                                                                                                                        Preview:/*!. * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-star-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-o:before{content:"\f005"}.fa.fa-remove:before{content:"\f00d"}.fa.fa-close:before{content:"\f00d"}.fa.fa-gear:before{content:"\f013"}.fa.fa-trash-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-trash-o:before{content:"\f2ed"}.fa.fa-file-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-arrow-circle-o-down:before{content:"\f358"}.fa.fa-arrow-circle-o-up{font-family:'Font Awesome 5 Free';font-weight

                                                                                                                                                                                                                                        Chrome Cache Entry: 272

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (6964), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):6964
                                                                                                                                                                                                                                        Entropy (8bit):5.155453426869548
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:96:Fty5FTrxBuUOvN+oU6tKtbRCtftrtHtLtNtWt/t7bKj5TfD42QVIqIjWrjXTLCOJ:8NrxBuXvgoFj5fjUXmW
                                                                                                                                                                                                                                        MD5:DFA60837B33FDA13599CB87665A15A5E
                                                                                                                                                                                                                                        SHA1:182A5C0C60AABF8F1003ABCD84BC1DE0B43157A7
                                                                                                                                                                                                                                        SHA-256:1C4BBA6EBA933B827866A9028E986826FC3A96B399660E4E40E1B59D2B9B559D
                                                                                                                                                                                                                                        SHA-512:74C6CAB01A345C034C740EA19CD35B7274150C2A13C7560A3433AA66C68F5301B0E14527D102970286FA8DC5C1C53152F39841B8EAC5027EA3B04A5D6234A517
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2
                                                                                                                                                                                                                                        Preview:#fancybox-loading{position:fixed;top:50%;left:50%;width:40px;height:40px;margin-top:-20px;margin-left:-20px;cursor:pointer;overflow:hidden;z-index:1104;display:none}#fancybox-loading div{position:absolute;top:0;left:0;width:40px;height:480px;background-image:url(fancybox.png)}#fancybox-overlay{position:absolute;top:0;left:0;width:100%;z-index:1100;display:none}#fancybox-tmp{padding:0;margin:0;border:0;overflow:auto;display:none}#fancybox-wrap{position:absolute;top:0;left:0;padding:20px;z-index:1101;outline:none;display:none}#fancybox-outer{position:relative;width:100%;height:100%;background:#fff}#fancybox-content{width:0;height:0;padding:0;outline:none;position:relative;overflow:hidden;z-index:1102;border:0 solid #fff}#fancybox-hide-sel-frame{position:absolute;top:0;left:0;width:100%;height:100%;background:0 0;z-index:1101}#fancybox-close{position:absolute;top:-15px;right:-15px;width:30px;height:30px;background:transparent url(fancybox.png) -40px 0;cursor:pointer;z-index:1103;display:n

                                                                                                                                                                                                                                        Chrome Cache Entry: 273

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 19452, version 1.6554
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):19452
                                                                                                                                                                                                                                        Entropy (8bit):7.9888444647120656
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:384:fcRDuHOLZG0Em3GJ2aASB/0CKJkwOEAK0l/QfJA:fIuHO9gm3GJZzmRkf1QfJA
                                                                                                                                                                                                                                        MD5:1EFC2CEBEBC547D76006DD2D737F3756
                                                                                                                                                                                                                                        SHA1:4D262229575D0E9529ABEDF113F90A812E902C5E
                                                                                                                                                                                                                                        SHA-256:D8FA781998E1462E17881A5904B2A95F4227BE6418BD2CB222CFB94608CC1904
                                                                                                                                                                                                                                        SHA-512:9D5CA13C2025DF978FF505D104380238B4E18A03F928BAC1A7F3A2320862D16B4808709C007435F9ADD8C7D46A90C0CC00F445429D1DA0CDF64A69DFDEB30977
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/themes/meminz/fonts/open-sans/opensans-bold-webfont.woff2
                                                                                                                                                                                                                                        Preview:wOF2......K...........K.........................?FFTM.. .....(.`..Z.0..e........>.6.$..&..V.. ..V..e...?webf....5x.,)....m.(.6...6.`...Y....g$'2.....^{..d'e....2y8(L..p.Y...WA...;..E.....sd.3..)...w~..m....6.fZ..a*.~..(c.24..2.,...3O(....BGF&.\`.._.....o0.2.@L0kt.O.&4...a/.u....5.}.....2q.......N%.:.....[...5.s...bMldKd.D[.H[0.*P0.y.x...|..!(%MJ....t.B...>9Gp......).<.W.$.=..B.. ...;...# ..4...._.p..FU.?..F:...7w.!!.&.+...2.....+.u..y.Gf..*..60.. ........6 !..#P.!.(q.......%P.)\&._.L...d..o...*"e..d....L0.N...fY.3r........0.C!,/hY.Q..?..@p...E.Hd..\ ..e3..i.......U{.w........1....=Oo>8u.o. ......(LSI.v.)..i...G..u2.I.#.........S.tJ"%~O'[..`+.Bd....8!..v..HS_..P?m..]"..x.......BE...Ua..)U"..tV..$.....l.9.n....mO..A..1...%l.....S ... pX.I....L.=..8<.~.....D=....n..d..l.B..Dr.=^7......E.(.*..(.Xq?.....4okIW...a...........h..S.........;s.n..o.....>8-.=..P..^....G..c.vv ?.......y..n......k".....va..n...:...........-.x..DMC.6.4.E.5.Y..F.c.i..4....nuZ2 .

                                                                                                                                                                                                                                        Chrome Cache Entry: 274

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):107771
                                                                                                                                                                                                                                        Entropy (8bit):5.049975313695035
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3072:62dKhLkE3fqHGp1uQsJSCJy1VkV0mo27K3J3nQ9tQEQ:62dc3fqHGp1uQsJSCJU3J3nQ9tQEQ
                                                                                                                                                                                                                                        MD5:07B0500039A248ADEE4BB3CA5A000FE9
                                                                                                                                                                                                                                        SHA1:509EA69BEB3B340955717FDACBE824C26FAA68FA
                                                                                                                                                                                                                                        SHA-256:ABC5745CB5012A0FE2537DB26934936834C4645F8284846AF0A2E629A2D3B9B5
                                                                                                                                                                                                                                        SHA-512:6640C2B1C093A93B8768D51F43072346F1477A97A459FE95BF6796FE4F034B2BCEA28924B458D2901198296D159A53E407C510B041F9E70693B4D78A5DE66E98
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1
                                                                                                                                                                                                                                        Preview:@charset "UTF-8";@font-face{font-family:swiper-icons;font-style:normal;font-weight:400;src:url("data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCOIGBlYGB0YcxjYGBwR1Kf2WQZGhhYGBiYGVmgAFGBiQQkOaawtDAoMBQxXjg/wEGPcYDDA4wNUA2CCgwsAAAO4EL6gAAeNpj2M0gyAACqxgGNWBkZ2D4/wMA+xkDdgAAAHjaY2BgYGaAYBkGRgYQiAHyGMF8FgYHIM3DwMHABGQrMOgyWDLEM1T9/w8UBfEMgLzE////P/5//f/V/xv

                                                                                                                                                                                                                                        Chrome Cache Entry: 275

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:HTML document, ASCII text, with very long lines (930), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):930
                                                                                                                                                                                                                                        Entropy (8bit):5.12292712843304
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:24:0jHQfOuH41YiLY3WL3QquM32EhEcx+Ps2P2pCgrsLHOII:0EJpNqycBxWACgrsDOt
                                                                                                                                                                                                                                        MD5:06BFCD88AF438673A8BF9B845A11AA6E
                                                                                                                                                                                                                                        SHA1:D024A745032CBE115526ABE648D9FA0F0A10A681
                                                                                                                                                                                                                                        SHA-256:947AC0903521F5ECEEFC90637C066306A8CA67466CCC188BB0107FB7CFB532D1
                                                                                                                                                                                                                                        SHA-512:6A37EA27F3AD16DE6BCB4C386D9F09962902AE2F2FDF76B6723CFF8155CD0B9D4504D1EA6ED3C4D5C9D49BE9C636EB9386BB13C9A787A71F02640A8EC939D180
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://m.stripe.network/inner.html
                                                                                                                                                                                                                                        Preview:<!doctype html><html><head><meta charset="utf-8"><title>StripeM-Inner</title></head><body><script>!function(){var e=document.createElement("script");e.defer=!0,e.src="out-4.5.43.js",e.onload=function(){var e;window.StripeM&&(e=window.location.hash,/ping=false/.test(e)||(e=(e=e.match(/version=(4|6)/))?e[1]:"4",window.StripeM.p({t:!0,v:e})),e=function(e){if(window.opener||window.parent||window)try{var i=((t=JSON.parse(e.data)).message||t).action,t=t.message?t.message.payload:t;switch(i){case"ping":window.StripeM.p({t:!0,o:{muid:t.muid,sid:t.sid,referrer:t.referrer,url:t.url,title:t.title,v2:t.v2},v:t.version||"4"});break;case"track":if(!t.source||!t.data)return;window.StripeM.b({muid:t.muid,sid:t.sid,url:t.url,source:t.source,data:t.data},t.version||"4")}}catch(e){}},window.addEventListener?window.addEventListener("message",e,!1):window.attachEvent("onMessage",e))},document.body.appendChild(e)}()</script></body></html>

                                                                                                                                                                                                                                        Chrome Cache Entry: 276

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2815&rand=0.33463708251087443
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 277

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (2203), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):2203
                                                                                                                                                                                                                                        Entropy (8bit):5.032375230756419
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:11guMY69cQiSd07kl11guMY69cQiSd07kJsaQusWPyKrs:wnXf6QunXf6QkWPyL
                                                                                                                                                                                                                                        MD5:2DDE014DB49303C0967B777EFE76ED85
                                                                                                                                                                                                                                        SHA1:FB17DE6846C31A819862F8658A3A67D549654033
                                                                                                                                                                                                                                        SHA-256:1F6DD5DF2452895743979DF19F48B23E800127CCCA3C50B11D496BE826668E13
                                                                                                                                                                                                                                        SHA-512:102295821406277965C99942C11763473C8E93BE7628ED785729633D7A8AD49E11E4E70A61BCC3B0F4043865888B3C943469D1DF341E28846A2D2811733B617A
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1
                                                                                                                                                                                                                                        Preview:!function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=29)}({29:function(e,t,n){"use strict";n.r(t)}}),function(e){var t={};function n(r){if(t[r])re

                                                                                                                                                                                                                                        Chrome Cache Entry: 278

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 279

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                        Size (bytes):50
                                                                                                                                                                                                                                        Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                                        MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                                        SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                                        SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                                        SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                                        Chrome Cache Entry: 280

                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (4186), with no line terminators
                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                        Size (bytes):4186
                                                                                                                                                                                                                                        Entropy (8bit):4.923675414240059
                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                        SSDEEP:48:wFfAeWkkqEsKO+TBxaBIIj+NqUFQW76d7JrOv2bN:wueWkkrLoI7U
                                                                                                                                                                                                                                        MD5:EA958276B7DE454BD3C2873F0DC47E5F
                                                                                                                                                                                                                                        SHA1:B143F6E8E8F79D8F104C26B0057EF5514D763219
                                                                                                                                                                                                                                        SHA-256:2E10D353FF038C2CAD3492FC17801AF3E6EF2669C9E9713BDB78B1DCB104C4FE
                                                                                                                                                                                                                                        SHA-512:2D40A1E713355EFF88FA3BBF5471B4DB5ACC48FA2B978A555C034F2E5C7F131FCAF48E849D5D048DF9D5DAE068C4B6467A97B1DDE99115E6B32F57E928569FC1
                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                        URL:https://bitsum.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                                        Preview:.mejs-container{clear:both;max-width:100%}.mejs-container *{font-family:Helvetica,Arial}.mejs-container,.mejs-container .mejs-controls,.mejs-embed,.mejs-embed body{background:#222}.mejs-time{font-weight:400;word-wrap:normal}.mejs-controls a.mejs-horizontal-volume-slider{display:table}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-time-rail .mejs-time-loaded{background:#fff}.mejs-controls .mejs-time-rail .mejs-time-current{background:#0073aa}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail .mejs-time-total{background:rgba(255,255,255,.33)}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail span{border-radius:0}.mejs-overlay-loading{background:0 0}.mejs-controls button:hover{border:none;-webkit-box-shadow:none;box-shadow:none}.me-cannotplay{width:au

                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                        Entropy (8bit):7.959728481593306
                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                        File name:SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        File size:2'994'544 bytes
                                                                                                                                                                                                                                        MD5:5ae909472f400d4341e93df71d808377
                                                                                                                                                                                                                                        SHA1:a6de8d54c5b3e6947bc4fe473e0df4ba05a736c9
                                                                                                                                                                                                                                        SHA256:82be867f27b0d808f9e6675cdf74ffe071b9e0e0f0168e31b7a94e5226e08bd2
                                                                                                                                                                                                                                        SHA512:b8972f609f07da432220151683b671bdcd67ec8b7ad2f0db53c1633758d9c130181a837d39471c1d299977126105b04727f576f0a760f6f5b8d8abc626364b5f
                                                                                                                                                                                                                                        SSDEEP:49152:YILH68GNqgFDADJCV1Ps9Pey6KsZ2hMHnbcp9BCEmy5zK9oM0ky0v7yHYi1Y:Yu6TN6J9Rn22eHnbcbUEmVoHkRvWHYp
                                                                                                                                                                                                                                        TLSH:FFD53311BEC085F1D5212D369A699B34767D7C312FB6CD9783D09A2CED212C0A732BA7
                                                                                                                                                                                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............w...w...w..<.V..w..<.T..w..<.U..w....Z..w.......w.......w.......w....$..w....4..w...w...v.......w.......w....X..w.......w.

                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                        Icon Hash:1515d4d4442f2d2d

                                                                                                                                                                                                                                        Static PE Info

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Entrypoint:0x420790
                                                                                                                                                                                                                                        Entrypoint Section:.text
                                                                                                                                                                                                                                        Digitally signed:true
                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                        Subsystem:windows gui
                                                                                                                                                                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                        DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                        Time Stamp:0x64C8CFB2 [Tue Aug 1 09:26:10 2023 UTC]
                                                                                                                                                                                                                                        TLS Callbacks:
                                                                                                                                                                                                                                        CLR (.Net) Version:
                                                                                                                                                                                                                                        OS Version Major:5
                                                                                                                                                                                                                                        OS Version Minor:1
                                                                                                                                                                                                                                        File Version Major:5
                                                                                                                                                                                                                                        File Version Minor:1
                                                                                                                                                                                                                                        Subsystem Version Major:5
                                                                                                                                                                                                                                        Subsystem Version Minor:1
                                                                                                                                                                                                                                        Import Hash:0ae9e38912ff6bd742a1b9e5c003576a

                                                                                                                                                                                                                                        Authenticode Signature

                                                                                                                                                                                                                                        Signature Valid:true
                                                                                                                                                                                                                                        Signature Issuer:CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US
                                                                                                                                                                                                                                        Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                                                        Error Number:0
                                                                                                                                                                                                                                        Not Before, Not After
                                                                                                                                                                                                                                        • 07/02/2023 00:00:00 08/03/2025 23:59:59
                                                                                                                                                                                                                                        Subject Chain
                                                                                                                                                                                                                                        • CN=Bitsum LLC, O=Bitsum LLC, L=Morristown, S=Tennessee, C=US, SERIALNUMBER=000681038, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Tennessee, OID.1.3.6.1.4.1.311.60.2.1.3=US
                                                                                                                                                                                                                                        Version:3
                                                                                                                                                                                                                                        Thumbprint MD5:FB9B0227584CEEB65B18E46C16D44130
                                                                                                                                                                                                                                        Thumbprint SHA-1:D711D20586F0E0C654A9B0D3AA5EC9BC4295B5DC
                                                                                                                                                                                                                                        Thumbprint SHA-256:B309179E6516E33D374264683B0751DB5F23B09E625FF0B6A4163DF28051D08C
                                                                                                                                                                                                                                        Serial:0B494D7DF02097107B9065025133FE92

                                                                                                                                                                                                                                        Entrypoint Preview

                                                                                                                                                                                                                                        Instruction
                                                                                                                                                                                                                                        call 00007F92E08062ABh
                                                                                                                                                                                                                                        jmp 00007F92E0805C5Dh
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        push 00423A90h
                                                                                                                                                                                                                                        push dword ptr fs:[00000000h]
                                                                                                                                                                                                                                        mov eax, dword ptr [esp+10h]
                                                                                                                                                                                                                                        mov dword ptr [esp+10h], ebp
                                                                                                                                                                                                                                        lea ebp, dword ptr [esp+10h]
                                                                                                                                                                                                                                        sub esp, eax
                                                                                                                                                                                                                                        push ebx
                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                        push edi
                                                                                                                                                                                                                                        mov eax, dword ptr [004407A8h]
                                                                                                                                                                                                                                        xor dword ptr [ebp-04h], eax
                                                                                                                                                                                                                                        xor eax, ebp
                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                        mov dword ptr [ebp-18h], esp
                                                                                                                                                                                                                                        push dword ptr [ebp-08h]
                                                                                                                                                                                                                                        mov eax, dword ptr [ebp-04h]
                                                                                                                                                                                                                                        mov dword ptr [ebp-04h], FFFFFFFEh
                                                                                                                                                                                                                                        mov dword ptr [ebp-08h], eax
                                                                                                                                                                                                                                        lea eax, dword ptr [ebp-10h]
                                                                                                                                                                                                                                        mov dword ptr fs:[00000000h], eax
                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        mov ecx, dword ptr [ebp-10h]
                                                                                                                                                                                                                                        mov dword ptr fs:[00000000h], ecx
                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                        pop edi
                                                                                                                                                                                                                                        pop edi
                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                        pop ebx
                                                                                                                                                                                                                                        mov esp, ebp
                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                        push ecx
                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                        sub esp, 0Ch
                                                                                                                                                                                                                                        lea ecx, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                        call 00007F92E07F8AF1h
                                                                                                                                                                                                                                        push 0043D14Ch
                                                                                                                                                                                                                                        lea eax, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                        call 00007F92E0808905h
                                                                                                                                                                                                                                        int3
                                                                                                                                                                                                                                        jmp 00007F92E080A7D8h
                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                        and dword ptr [00463D58h], 00000000h
                                                                                                                                                                                                                                        sub esp, 24h
                                                                                                                                                                                                                                        or dword ptr [004407A0h], 01h
                                                                                                                                                                                                                                        push 0000000Ah
                                                                                                                                                                                                                                        call dword ptr [004341C4h]
                                                                                                                                                                                                                                        test eax, eax
                                                                                                                                                                                                                                        je 00007F92E0805F92h
                                                                                                                                                                                                                                        and dword ptr [ebp-10h], 00000000h
                                                                                                                                                                                                                                        xor eax, eax
                                                                                                                                                                                                                                        push ebx
                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                        push edi
                                                                                                                                                                                                                                        xor ecx, ecx
                                                                                                                                                                                                                                        lea edi, dword ptr [ebp-24h]

                                                                                                                                                                                                                                        Rich Headers

                                                                                                                                                                                                                                        Programming Language:
                                                                                                                                                                                                                                        • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                        • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                        Data Directories

                                                                                                                                                                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x3e3800x34.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x3e3b40x50.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x660000xdff8.rsrc
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x2d87e00x2990
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x740000x23dc.reloc
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x3c1b00x54.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x366a80x40.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x340000x278.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x3d85c0x120.rdata
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                        Sections

                                                                                                                                                                                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                        .text0x10000x32dcc0x32e00bf3082787caa3b02fd9d989022806d04False0.592286355958231data6.705330880207017IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                        .rdata0x340000xb1d00xb200ba53cf76fc539872e6fb32f5b59318a2False0.46025719803370785data5.269843738840559IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                        .data0x400000x247500x120063d51bc646ae841bb4737f86d3d78592False0.4058159722222222data4.083590987791496IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                        .didat0x650000x1a40x200deb77807258e64170eadd0d48c2f3f11False0.46484375data3.5190901598372837IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                        .rsrc0x660000xdff80xe000699399d7d2e63f9a36984a221fc02f75False0.6373465401785714data6.63871928699419IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                        .reloc0x740000x23dc0x2400e49afaf69d5cac6d9ffa2d43bc30363aFalse0.7861328125data6.67388754981222IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                        Resources

                                                                                                                                                                                                                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                        PNG0x666500xb45PNG image data, 93 x 302, 8-bit/color RGB, non-interlacedEnglishUnited States1.0027729636048528
                                                                                                                                                                                                                                        PNG0x671980x15a9PNG image data, 186 x 604, 8-bit/color RGB, non-interlacedEnglishUnited States0.9363390441839495
                                                                                                                                                                                                                                        RT_ICON0x687480x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.47832369942196534
                                                                                                                                                                                                                                        RT_ICON0x68cb00x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.5410649819494585
                                                                                                                                                                                                                                        RT_ICON0x695580xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.4933368869936034
                                                                                                                                                                                                                                        RT_ICON0x6a4000x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 2834 x 2834 px/mEnglishUnited States0.5390070921985816
                                                                                                                                                                                                                                        RT_ICON0x6a8680x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 2834 x 2834 px/mEnglishUnited States0.41393058161350843
                                                                                                                                                                                                                                        RT_ICON0x6b9100x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 2834 x 2834 px/mEnglishUnited States0.3479253112033195
                                                                                                                                                                                                                                        RT_ICON0x6deb80x3d71PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9809269502193401
                                                                                                                                                                                                                                        RT_DIALOG0x725880x286dataEnglishUnited States0.5092879256965944
                                                                                                                                                                                                                                        RT_DIALOG0x723580x13adataEnglishUnited States0.60828025477707
                                                                                                                                                                                                                                        RT_DIALOG0x724980xecdataEnglishUnited States0.6991525423728814
                                                                                                                                                                                                                                        RT_DIALOG0x722280x12edataEnglishUnited States0.5927152317880795
                                                                                                                                                                                                                                        RT_DIALOG0x71ef00x338dataEnglishUnited States0.45145631067961167
                                                                                                                                                                                                                                        RT_DIALOG0x71c980x252dataEnglishUnited States0.5757575757575758
                                                                                                                                                                                                                                        RT_STRING0x72f680x1e2dataEnglishUnited States0.3900414937759336
                                                                                                                                                                                                                                        RT_STRING0x731500x1ccdataEnglishUnited States0.4282608695652174
                                                                                                                                                                                                                                        RT_STRING0x733200x1b8dataEnglishUnited States0.45681818181818185
                                                                                                                                                                                                                                        RT_STRING0x734d80x146dataEnglishUnited States0.5153374233128835
                                                                                                                                                                                                                                        RT_STRING0x736200x46cdataEnglishUnited States0.3454063604240283
                                                                                                                                                                                                                                        RT_STRING0x73a900x166dataEnglishUnited States0.49162011173184356
                                                                                                                                                                                                                                        RT_STRING0x73bf80x152dataEnglishUnited States0.5059171597633136
                                                                                                                                                                                                                                        RT_STRING0x73d500x10adataEnglishUnited States0.49624060150375937
                                                                                                                                                                                                                                        RT_STRING0x73e600xbcdataEnglishUnited States0.6329787234042553
                                                                                                                                                                                                                                        RT_STRING0x73f200xd6dataEnglishUnited States0.5747663551401869
                                                                                                                                                                                                                                        RT_GROUP_ICON0x71c300x68dataEnglishUnited States0.7019230769230769
                                                                                                                                                                                                                                        RT_MANIFEST0x728100x753XML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.3957333333333333

                                                                                                                                                                                                                                        Imports

                                                                                                                                                                                                                                        DLLImport
                                                                                                                                                                                                                                        KERNEL32.dllGetLastError, SetLastError, FormatMessageW, GetCurrentProcess, DeviceIoControl, SetFileTime, CloseHandle, CreateDirectoryW, RemoveDirectoryW, CreateFileW, DeleteFileW, CreateHardLinkW, GetShortPathNameW, GetLongPathNameW, MoveFileW, GetFileType, GetStdHandle, WriteFile, ReadFile, FlushFileBuffers, SetEndOfFile, SetFilePointer, GetCurrentProcessId, SetFileAttributesW, GetFileAttributesW, FindClose, FindFirstFileW, FindNextFileW, InterlockedDecrement, GetVersionExW, GetCurrentDirectoryW, GetFullPathNameW, FoldStringW, GetModuleFileNameW, GetModuleHandleW, FindResourceW, FreeLibrary, GetProcAddress, ExitProcess, SetThreadExecutionState, Sleep, LoadLibraryW, GetSystemDirectoryW, CompareStringW, AllocConsole, FreeConsole, AttachConsole, WriteConsoleW, GetProcessAffinityMask, CreateThread, SetThreadPriority, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, SetEvent, ResetEvent, ReleaseSemaphore, WaitForSingleObject, CreateEventW, CreateSemaphoreW, GetSystemTime, SystemTimeToTzSpecificLocalTime, TzSpecificLocalTimeToSystemTime, SystemTimeToFileTime, FileTimeToLocalFileTime, LocalFileTimeToFileTime, FileTimeToSystemTime, GetCPInfo, IsDBCSLeadByte, MultiByteToWideChar, WideCharToMultiByte, GlobalAlloc, LockResource, GlobalLock, GlobalUnlock, GlobalFree, LoadResource, SizeofResource, SetCurrentDirectoryW, GetTimeFormatW, GetDateFormatW, LocalFree, GetExitCodeProcess, GetLocalTime, GetTickCount, MapViewOfFile, UnmapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetCommandLineW, SetEnvironmentVariableW, ExpandEnvironmentStringsW, GetTempPathW, MoveFileExW, GetLocaleInfoW, GetNumberFormatW, DecodePointer, SetFilePointerEx, GetConsoleMode, GetConsoleCP, HeapSize, SetStdHandle, GetProcessHeap, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetOEMCP, RaiseException, GetSystemInfo, VirtualProtect, VirtualQuery, LoadLibraryExA, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, TerminateProcess, RtlUnwind, EncodePointer, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, LoadLibraryExW, QueryPerformanceFrequency, GetModuleHandleExW, GetModuleFileNameA, GetACP, HeapFree, HeapReAlloc, HeapAlloc, GetStringTypeW, LCMapStringW, FindFirstFileExA, FindNextFileA, IsValidCodePage
                                                                                                                                                                                                                                        OLEAUT32.dllSysAllocString, SysFreeString, VariantClear
                                                                                                                                                                                                                                        gdiplus.dllGdipAlloc, GdipDisposeImage, GdipCloneImage, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateHBITMAPFromBitmap, GdiplusStartup, GdiplusShutdown, GdipFree

                                                                                                                                                                                                                                        Possible Origin

                                                                                                                                                                                                                                        Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                        EnglishUnited States

                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                        Apr 27, 2024 02:34:58.480763912 CEST192.168.2.48.8.8.80xf34dStandard query (0)google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:34:58.481271029 CEST192.168.2.41.1.1.10x1780Standard query (0)google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:02.784765959 CEST192.168.2.41.1.1.10xa2abStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:02.784889936 CEST192.168.2.41.1.1.10xdbdcStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.438452959 CEST192.168.2.41.1.1.10x94bStandard query (0)bitsum.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.438792944 CEST192.168.2.41.1.1.10xd7e4Standard query (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.200278044 CEST192.168.2.41.1.1.10xb39bStandard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.204334021 CEST192.168.2.41.1.1.10xdd8cStandard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.205012083 CEST192.168.2.41.1.1.10x3ad9Standard query (0)stats.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.205336094 CEST192.168.2.41.1.1.10x3c35Standard query (0)stats.wp.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.206557035 CEST192.168.2.41.1.1.10x437eStandard query (0)v0.wordpress.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.206887960 CEST192.168.2.41.1.1.10x3525Standard query (0)v0.wordpress.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.571273088 CEST192.168.2.41.1.1.10x6280Standard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.571593046 CEST192.168.2.41.1.1.10xc8f3Standard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.572176933 CEST192.168.2.41.1.1.10x3bbStandard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.572304010 CEST192.168.2.41.1.1.10x8b9aStandard query (0)stats.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.626765013 CEST192.168.2.41.1.1.10x4369Standard query (0)bitsum.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.626899958 CEST192.168.2.41.1.1.10xe48eStandard query (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:24.360780954 CEST192.168.2.41.1.1.10xcb3fStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:24.360780954 CEST192.168.2.41.1.1.10x5ac5Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:29.358325958 CEST192.168.2.41.1.1.10x2c94Standard query (0)pixel.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:29.358925104 CEST192.168.2.41.1.1.10xe71fStandard query (0)pixel.wp.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.498886108 CEST192.168.2.41.1.1.10x31a0Standard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.499222994 CEST192.168.2.41.1.1.10xe392Standard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.327075005 CEST192.168.2.41.1.1.10xd174Standard query (0)pixel.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.327286005 CEST192.168.2.41.1.1.10x3254Standard query (0)pixel.wp.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.407572985 CEST192.168.2.41.1.1.10xdecfStandard query (0)m.stripe.networkA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.407727957 CEST192.168.2.41.1.1.10xaeafStandard query (0)m.stripe.network65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:33.338835001 CEST192.168.2.41.1.1.10x7a78Standard query (0)pixel.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:36.534838915 CEST192.168.2.41.1.1.10xf62cStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:36.535024881 CEST192.168.2.41.1.1.10x3bbStandard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.560518026 CEST192.168.2.41.1.1.10x556eStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.266083956 CEST192.168.2.41.1.1.10x388aStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.266221046 CEST192.168.2.41.1.1.10xa1b2Standard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:41.057456017 CEST192.168.2.41.1.1.10xd61Standard query (0)stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:41.057586908 CEST192.168.2.41.1.1.10x436aStandard query (0)stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.361288071 CEST192.168.2.41.1.1.10x8e79Standard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.361418009 CEST192.168.2.41.1.1.10x7531Standard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.690555096 CEST192.168.2.41.1.1.10x5875Standard query (0)v0.wordpress.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.690715075 CEST192.168.2.41.1.1.10xb337Standard query (0)v0.wordpress.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.417506933 CEST192.168.2.41.1.1.10x3cabStandard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.417644978 CEST192.168.2.41.1.1.10xa8b2Standard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.622049093 CEST192.168.2.41.1.1.10xce74Standard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.622281075 CEST192.168.2.41.1.1.10x4612Standard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.685858011 CEST192.168.2.41.1.1.10x702fStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.686100006 CEST192.168.2.41.1.1.10x8021Standard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:45.549294949 CEST192.168.2.41.1.1.10x57a2Standard query (0)stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:45.549734116 CEST192.168.2.41.1.1.10x45ddStandard query (0)stripe.com65IN (0x0001)false

                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                        Apr 27, 2024 02:34:58.570482969 CEST1.1.1.1192.168.2.40x1780No error (0)google.com142.250.80.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:34:58.574397087 CEST8.8.8.8192.168.2.40xf34dNo error (0)google.com142.251.40.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:02.874454975 CEST1.1.1.1192.168.2.40xa2abNo error (0)www.google.com142.251.40.228A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:02.874600887 CEST1.1.1.1192.168.2.40xdbdcNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.530150890 CEST1.1.1.1192.168.2.40x94bNo error (0)bitsum.com104.26.5.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.530150890 CEST1.1.1.1192.168.2.40x94bNo error (0)bitsum.com172.67.74.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.530150890 CEST1.1.1.1192.168.2.40x94bNo error (0)bitsum.com104.26.4.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:16.531112909 CEST1.1.1.1192.168.2.40xd7e4No error (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.290150881 CEST1.1.1.1192.168.2.40xb39bNo error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.290150881 CEST1.1.1.1192.168.2.40xb39bNo error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.290150881 CEST1.1.1.1192.168.2.40xb39bNo error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.290150881 CEST1.1.1.1192.168.2.40xb39bNo error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.290150881 CEST1.1.1.1192.168.2.40xb39bNo error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.295417070 CEST1.1.1.1192.168.2.40x3ad9No error (0)stats.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.297580004 CEST1.1.1.1192.168.2.40x437eNo error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.297580004 CEST1.1.1.1192.168.2.40x437eNo error (0)lb.wordpress.com192.0.78.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.297580004 CEST1.1.1.1192.168.2.40x437eNo error (0)lb.wordpress.com192.0.78.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:19.297970057 CEST1.1.1.1192.168.2.40x3525No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661645889 CEST1.1.1.1192.168.2.40x3bbNo error (0)stats.g.doubleclick.net142.251.16.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661645889 CEST1.1.1.1192.168.2.40x3bbNo error (0)stats.g.doubleclick.net142.251.16.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661892891 CEST1.1.1.1192.168.2.40x6280No error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661892891 CEST1.1.1.1192.168.2.40x6280No error (0)analytics-alv.google.com216.239.34.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661892891 CEST1.1.1.1192.168.2.40x6280No error (0)analytics-alv.google.com216.239.32.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661892891 CEST1.1.1.1192.168.2.40x6280No error (0)analytics-alv.google.com216.239.36.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:20.661892891 CEST1.1.1.1192.168.2.40x6280No error (0)analytics-alv.google.com216.239.38.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.718792915 CEST1.1.1.1192.168.2.40x4369No error (0)bitsum.com104.26.5.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.718792915 CEST1.1.1.1192.168.2.40x4369No error (0)bitsum.com104.26.4.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.718792915 CEST1.1.1.1192.168.2.40x4369No error (0)bitsum.com172.67.74.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:23.718835115 CEST1.1.1.1192.168.2.40xe48eNo error (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:24.449347973 CEST1.1.1.1192.168.2.40x5ac5No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:29.448385954 CEST1.1.1.1192.168.2.40x2c94No error (0)pixel.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589333057 CEST1.1.1.1192.168.2.40xe392No error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589941978 CEST1.1.1.1192.168.2.40x31a0No error (0)js.stripe.comdexeqbeb7giwr.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589941978 CEST1.1.1.1192.168.2.40x31a0No error (0)dexeqbeb7giwr.cloudfront.net18.164.116.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589941978 CEST1.1.1.1192.168.2.40x31a0No error (0)dexeqbeb7giwr.cloudfront.net18.164.116.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589941978 CEST1.1.1.1192.168.2.40x31a0No error (0)dexeqbeb7giwr.cloudfront.net18.164.116.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:31.589941978 CEST1.1.1.1192.168.2.40x31a0No error (0)dexeqbeb7giwr.cloudfront.net18.164.116.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497354984 CEST1.1.1.1192.168.2.40xdecfNo error (0)m.stripe.networkstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497354984 CEST1.1.1.1192.168.2.40xdecfNo error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497354984 CEST1.1.1.1192.168.2.40xdecfNo error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497354984 CEST1.1.1.1192.168.2.40xdecfNo error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497354984 CEST1.1.1.1192.168.2.40xdecfNo error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:32.497479916 CEST1.1.1.1192.168.2.40xaeafNo error (0)m.stripe.networkstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:33.428240061 CEST1.1.1.1192.168.2.40x7a78No error (0)pixel.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com54.213.45.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.237.125.219A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com52.10.82.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.238.18.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:37.650809050 CEST1.1.1.1192.168.2.40x556eNo error (0)m.stripe.com44.229.0.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.237.125.219A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.237.49.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.239.252.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com52.33.51.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.238.18.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:40.356811047 CEST1.1.1.1192.168.2.40x388aNo error (0)m.stripe.com44.240.193.20A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:35:41.146143913 CEST1.1.1.1192.168.2.40xd61No error (0)stripe.com198.137.150.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451735020 CEST1.1.1.1192.168.2.40x7531No error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451946974 CEST1.1.1.1192.168.2.40x8e79No error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451946974 CEST1.1.1.1192.168.2.40x8e79No error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451946974 CEST1.1.1.1192.168.2.40x8e79No error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451946974 CEST1.1.1.1192.168.2.40x8e79No error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:20.451946974 CEST1.1.1.1192.168.2.40x8e79No error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.780890942 CEST1.1.1.1192.168.2.40x5875No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.780890942 CEST1.1.1.1192.168.2.40x5875No error (0)lb.wordpress.com192.0.78.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.780890942 CEST1.1.1.1192.168.2.40x5875No error (0)lb.wordpress.com192.0.78.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:22.782164097 CEST1.1.1.1192.168.2.40xb337No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509125948 CEST1.1.1.1192.168.2.40x3cabNo error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509125948 CEST1.1.1.1192.168.2.40x3cabNo error (0)analytics-alv.google.com216.239.38.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509125948 CEST1.1.1.1192.168.2.40x3cabNo error (0)analytics-alv.google.com216.239.32.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509125948 CEST1.1.1.1192.168.2.40x3cabNo error (0)analytics-alv.google.com216.239.36.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509125948 CEST1.1.1.1192.168.2.40x3cabNo error (0)analytics-alv.google.com216.239.34.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:23.509913921 CEST1.1.1.1192.168.2.40xa8b2No error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.238.18.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com54.213.45.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.237.49.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.229.0.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.239.252.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:42.711642027 CEST1.1.1.1192.168.2.40xce74No error (0)m.stripe.com44.237.125.219A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.237.125.219A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.239.252.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.229.0.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.238.18.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:44.774373055 CEST1.1.1.1192.168.2.40x702fNo error (0)m.stripe.com54.213.45.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                        Apr 27, 2024 02:36:45.639448881 CEST1.1.1.1192.168.2.40x57a2No error (0)stripe.com198.202.176.81A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                        HTTPS Proxied Packets

                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        0192.168.2.44973969.192.108.161443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:05 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                        User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                        Host: fs.microsoft.com
                                                                                                                                                                                                                                        2024-04-27 00:35:06 UTC466INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                        Server: ECAcc (chd/07A7)
                                                                                                                                                                                                                                        X-CID: 11
                                                                                                                                                                                                                                        X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                        X-Ms-Region: prod-eus-z1
                                                                                                                                                                                                                                        Cache-Control: public, max-age=23309
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:06 GMT
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        X-CID: 2


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        1192.168.2.44974069.192.108.161443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:06 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                        Range: bytes=0-2147483646
                                                                                                                                                                                                                                        User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                        Host: fs.microsoft.com
                                                                                                                                                                                                                                        2024-04-27 00:35:06 UTC530INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                        ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                        X-Azure-Ref: 0rcGnYgAAAAANOnx9vccHTr21ROgX9ESTU0pDRURHRTAzMDkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                                                                                                                                                                                                                        Cache-Control: public, max-age=23363
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:06 GMT
                                                                                                                                                                                                                                        Content-Length: 55
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        X-CID: 2
                                                                                                                                                                                                                                        2024-04-27 00:35:06 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        2192.168.2.44974140.68.123.157443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:11 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+79UPCBWOyUrAT4&MD=aNBF4HwC HTTP/1.1
                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                        Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                        2024-04-27 00:35:11 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                        Expires: -1
                                                                                                                                                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                        MS-CorrelationId: c71e044b-2d05-4aac-80ff-6d6f66333d3c
                                                                                                                                                                                                                                        MS-RequestId: bf0131b3-a32e-4114-897c-24ff2b974f72
                                                                                                                                                                                                                                        MS-CV: bXVwrkrJYUazwn4i.0
                                                                                                                                                                                                                                        X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:11 GMT
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Length: 24490
                                                                                                                                                                                                                                        2024-04-27 00:35:11 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                        2024-04-27 00:35:11 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        3192.168.2.449747104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:17 UTC706OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1103INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Set-Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; path=/
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQjjvSMN1%2FNRl7Fl1%2FHNGGW6SS%2F%2BNFxDFVHaRFZ4RI%2Bz0s%2FaWHRNRdxCKCMiTuR97sGtQFVUyCwIDSKdR8LBtYBdKhIROA4s%2Fb0kEa18voZf66%2BxvvHMBg4u4l8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb55196142a9-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC266INData Raw: 37 62 36 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7b65<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f
                                                                                                                                                                                                                                        Data Ascii: content="width=device-width, initial-scale=1" /><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73
                                                                                                                                                                                                                                        Data Ascii: var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterIns
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 09 09 09 09 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0a 0a 09 09 09 09 77 69 6e 64 6f 77 2e 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54
                                                                                                                                                                                                                                        Data Ascii: window.dataLayer = window.dataLayer || [];window.MonsterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagT
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 09 77 69 6e 64 6f 77 2e 67 74 61 67 20 3d 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 3b 09 09 09 09 09 09 09 09 09 09 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 2f 2a 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: window.gtag = __gtagTracker;(function () {/* https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 64 27 20 21 3d 3d 20 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a
                                                                                                                                                                                                                                        Data Ascii: d' !== typeof arguments[2]) {hitObject = {'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 09 09 09 09 09 09 09 27 74 69 74 6c 65 27 3a 20 27 70 61 67 65 5f 74 69 74 6c 65 27 2c 0a 09 09 09 09 09 09 09 09 09 27 72 65 66 65 72 72 65 72 27 20 3a 20 27 70 61 67 65 5f 72 65 66 65 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'title': 'page_title','referrer' : 'page_referrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 09 09 7d 3b 0a 0a 09 09 09 09 66 6f 72 20 28 6d 61 70 49 6e 64 65 78 20 69 6e 20 66 69 65 6c 64 4d 61 70 29 20 7b 0a 09 09 09 09 09 69 66 20 28 75 61 49 74 65 6d 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64
                                                                                                                                                                                                                                        Data Ascii: };for (mapIndex in fieldMap) {if (uaItem.hasOwnProperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 73 65 6c 65 63 74 5f 63 6f 6e 74 65 6e 74 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d
                                                                                                                                                                                                                                        Data Ascii: ightsDualTracker.trackers['select_content'] = function (parameters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});}
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2e 64 61 74 61 29 29 3b 72 65 74 75 72 6e 20 74 2e 65 76 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75
                                                                                                                                                                                                                                        Data Ascii: .canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        4192.168.2.449748104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC703OUTGET /wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC775INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                                        ETag: W/"426a8-1bae5-61533396ed7cc-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYvWNV%2BdZsEqBRfZFeuBoXAmGqF7aHUlbn1XlJ4aQldv%2F%2FGxbFV929QpH8J5utAm1KLPBFAVzH7uBYA849hUUvJxBZL62%2FQI42lkRKU7s4ExBbRmHQz4iuNSmak%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb5d39aa0ccd-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC594INData Raw: 37 63 61 63 0d 0a 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2e 77 70 2d 62 6c 6f 63 6b 2d 61 72 63 68 69 76 65 73 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 72 63 68 69 76 65 73 2d 64 72 6f 70 64 6f 77 6e 20 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 20 69 6d 67 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62
                                                                                                                                                                                                                                        Data Ascii: 7cac@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-b
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 2e 61 6c 69 67 6e 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 29 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e 36 36 37 65 6d 20 2b 20 32 70 78 29 20 63 61 6c 63 28 31 2e 33 33 33 65 6d 20 2b 20 32 70 78 29 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5b 73 74 79 6c 65 2a 3d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 5d 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 69 6e 68 65 72 69 74 7d 2e 77
                                                                                                                                                                                                                                        Data Ascii: .alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.w
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 73 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 29 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 3b 70 61 64 64 69 6e 67 3a 2e 36 36 37 65 6d 20 31 2e 33 33 33 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f
                                                                                                                                                                                                                                        Data Ascii: s{border-radius:0!important}.wp-block-button .wp-block-button__link:where(.is-style-outline),.wp-block-button:where(.is-style-outline)>.wp-block-button__link{border:2px solid;padding:.667em 1.333em}.wp-block-button .wp-block-button__link:where(.is-style-o
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 77 69 64 74 68 3a 6d 65 64 69 75 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 6d 65 64 69 75 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 3a 6d 65 64 69 75 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 73 2e 69 73 2d 76 65 72 74 69 63 61 6c 7b 66 6c 65 78 2d 64 69 72 65 63
                                                                                                                                                                                                                                        Data Ascii: width:medium}.wp-block-button .wp-block-button__link:where([style*=border-bottom-style]){border-bottom-width:medium}.wp-block-button .wp-block-button__link:where([style*=border-left-style]){border-left-width:medium}.wp-block-buttons.is-vertical{flex-direc
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 69 6e 68 65 72 69 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 73 2e 68 61 73 2d 63 75 73 74 6f 6d 2d 66 6f 6e 74 2d 73 69 7a 65 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 61 6c 69 67 6e 63 65 6e 74 65 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 20 74 64 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 20 74 68 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 3b 70 61 64 64 69 6e 67 3a 2e 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61
                                                                                                                                                                                                                                        Data Ascii: xt-decoration:inherit}.wp-block-buttons.has-custom-font-size .wp-block-button__link{font-size:inherit}.wp-block-button.aligncenter,.wp-block-calendar{text-align:center}.wp-block-calendar td,.wp-block-calendar th{border:1px solid;padding:.25em}.wp-block-ca
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 70 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 66 6c 65 78 2d 73 74 61 72 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 61 72 65 2d 76 65 72 74 69 63 61 6c 6c 79 2d 61 6c 69 67 6e 65 64 2d 63 65 6e 74 65 72 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 61 72 65 2d 76 65 72 74 69 63 61 6c 6c 79 2d 61 6c 69 67 6e 65 64 2d 62 6f 74 74 6f 6d 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 66 6c 65 78 2d 65 6e 64 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 38 31 70 78 29 7b 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 3a 6e 6f 74 28 2e 69 73 2d 6e 6f 74 2d 73 74 61 63 6b 65 64 2d 6f 6e 2d 6d 6f 62 69 6c 65 29 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 7b 66 6c 65
                                                                                                                                                                                                                                        Data Ascii: p{align-items:flex-start}.wp-block-columns.are-vertically-aligned-center{align-items:center}.wp-block-columns.are-vertically-aligned-bottom{align-items:flex-end}@media (max-width:781px){.wp-block-columns:not(.is-not-stacked-on-mobile)>.wp-block-column{fle
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 6e 61 76 69 67 61 74 69 6f 6e 3a 61 66 74 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 6c 69 73 74 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f
                                                                                                                                                                                                                                        Data Ascii: box-sizing:border-box}.wp-block-post-comments .alignleft{float:left}.wp-block-post-comments .alignright{float:right}.wp-block-post-comments .navigation:after{clear:both;content:"";display:table}.wp-block-post-comments .commentlist{clear:both;list-style:no
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 20 69 6e 70 75 74 3a 6e 6f 74 28 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 29 3a 6e 6f 74 28 5b 74 79 70 65 3d 63 68 65 63 6b 62 6f 78 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 20 74 65 78 74 61 72 65 61 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 2d 63 6f 6f 6b 69 65 73 2d 63 6f 6e 73 65 6e 74 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 67 61 70 3a 2e 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d
                                                                                                                                                                                                                                        Data Ascii: comments .comment-form input:not([type=submit]):not([type=checkbox]),.wp-block-post-comments .comment-form textarea{box-sizing:border-box;display:block;width:100%}.wp-block-post-comments .comment-form-cookies-consent{display:flex;gap:.25em}.wp-block-post-
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 2d 61 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 63 68 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 2d 61 72 72 6f 77 3a 6e 6f 74 28 2e 69 73 2d 61 72 72 6f 77 2d
                                                                                                                                                                                                                                        Data Ascii: mments-pagination-previous:last-child{margin-right:0}.wp-block-comments-pagination .wp-block-comments-pagination-previous-arrow{display:inline-block;margin-right:1ch}.wp-block-comments-pagination .wp-block-comments-pagination-previous-arrow:not(.is-arrow-
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d 61 67 65 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 5d 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 20 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 67 72 61 64 69 65 6e 74 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d
                                                                                                                                                                                                                                        Data Ascii: ground-color]),.wp-block-cover-image.has-background-dim:not([class*=-background-color]),.wp-block-cover.has-background-dim:not([class*=-background-color]){background-color:#000}.wp-block-cover .has-background-dim.has-background-gradient,.wp-block-cover-im


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        5192.168.2.449749104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC690OUTGET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC780INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Thu, 10 Dec 2020 20:06:24 GMT
                                                                                                                                                                                                                                        ETag: W/"4285f-2bf8-5b621b5daa0ab-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4794
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vf2ct2go%2FsyUFjk0H77Xwwl2Ip3HC9mXKMAMjjXhT%2F24Wcp975Gc5UdxrsXX26phkTZDcqRxnc1ui%2FBkkoO%2F0AIU6bjAhP41W9BkHcBlEv7RmFQ62%2BioX%2B%2BMSE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb60eb1542a6-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC589INData Raw: 32 62 66 38 0d 0a 2e 6d 65 6a 73 2d 6f 66 66 73 63 72 65 65 6e 7b 62 6f 72 64 65 72 3a 30 3b 63 6c 69 70 3a 72 65 63 74 28 31 70 78 2c 31 70 78 2c 31 70 78 2c 31 70 78 29 3b 2d 77 65 62 6b 69 74 2d 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 68 65 69 67 68 74 3a 31 70 78 3b 6d 61 72 67 69 6e 3a 2d 31 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 61 64 64 69 6e 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 70 78 3b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 48 65 6c 76 65 74 69 63 61
                                                                                                                                                                                                                                        Data Ascii: 2bf8.mejs-offscreen{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal}.mejs-container{background:#000;font-family:Helvetica
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 6f 6e 74 72 6f 6c 73 2d 73 74 61 72 74 2d 70 6c 61 79 62 61 63 6b 2d 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65 6a 73
                                                                                                                                                                                                                                        Data Ascii: ontrols-start-playback-button{-webkit-appearance:none;display:none!important}.mejs-fill-container,.mejs-fill-container .mejs-container{height:100%;width:100%}.mejs-fill-container{background:transparent;margin:0 auto;overflow:hidden;position:relative}.mejs
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 3a 31 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 70 6c 61 79 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 2e 73 76 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2d 33 39 70 78 3b 68 65 69 67 68 74 3a 38 30 70 78 3b 77 69 64 74 68 3a 38 30 70 78 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 3a 68 6f 76 65 72 3e 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 38 30 70 78 20 2d 33 39 70 78 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 6c 6f 61 64 69 6e 67 7b 68 65 69 67 68 74 3a
                                                                                                                                                                                                                                        Data Ascii: :1}.mejs-overlay-play{cursor:pointer}.mejs-overlay-button{background:url(mejs-controls.svg) no-repeat;background-position:0 -39px;height:80px;width:80px}.mejs-overlay:hover>.mejs-overlay-button{background-position:-80px -39px}.mejs-overlay-loading{height:
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 70 78 7d 2e 6d 65 6a 73 2d 62 75 74 74 6f 6e 3e 62 75 74 74 6f 6e 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 23 39 39 39 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 5b 72 6f 6c 65 3d 73 6c 69 64 65 72 5d 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 5b 72 6f 6c 65 3d 73 6c 69 64 65 72 5d 3a 66 6f 63 75 73 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 61 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 61 3a 66 6f 63 75 73 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61
                                                                                                                                                                                                                                        Data Ascii: px}.mejs-button>button:focus{outline:1px dotted #999}.mejs-container-keyboard-inactive [role=slider],.mejs-container-keyboard-inactive [role=slider]:focus,.mejs-container-keyboard-inactive a,.mejs-container-keyboard-inactive a:focus,.mejs-container-keyboa
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 2d 34 35 64 65 67 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 32 35 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 30 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 35 30 25 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 30 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 37 35 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 30 2c 74 72 61 6e 73 70 61 72 65 6e 74 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 35 70 78 20 31 35 70 78 3b 77 69 64 74 68 3a 31 30 30 25 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 62 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 7d 74 6f 7b 62 61 63 6b 67 72 6f 75 6e 64
                                                                                                                                                                                                                                        Data Ascii: ackground:linear-gradient(-45deg,hsla(0,0%,100%,.4) 25%,transparent 0,transparent 50%,hsla(0,0%,100%,.4) 0,hsla(0,0%,100%,.4) 75%,transparent 0,transparent);background-size:15px 15px;width:100%}@-webkit-keyframes b{0%{background-position:0 0}to{background
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 58 28 30 29 3b 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 30 29 3b 7a 2d 69 6e 64 65 78 3a 31 31 7d 2e 6d 65 6a 73 2d 74 69 6d 65 2d 68 61 6e 64 6c 65 2d 63 6f 6e 74 65 6e 74 7b 62 6f 72 64 65 72 3a 34 70 78 20 73 6f 6c 69 64 20 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 39 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 68 65 69 67 68 74 3a 31 30 70 78 3b 6c 65 66 74 3a 2d 37 70 78 3b 74 6f 70 3a 2d 34 70 78 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 77 69 64 74 68 3a 31
                                                                                                                                                                                                                                        Data Ascii: X(0);-ms-transform:translateX(0);transform:translateX(0);z-index:11}.mejs-time-handle-content{border:4px solid hsla(0,0%,100%,.9);border-radius:50%;height:10px;left:-7px;top:-4px;-webkit-transform:scale(0);-ms-transform:scale(0);transform:scale(0);width:1
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 6d 75 74 65 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 36 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 75 6e 6d 75 74 65 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 34 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 62 75 74 74 6f 6e 3e 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 7b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 66 61 63 65 2d 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 72
                                                                                                                                                                                                                                        Data Ascii: button{background-position:-100px 0}.mejs-mute>button{background-position:-60px 0}.mejs-unmute>button{background-position:-40px 0}.mejs-volume-button{position:relative}.mejs-volume-button>.mejs-volume-slider{-webkit-backface-visibility:hidden;background:r
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 63 75 72 72 65 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 38 29 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 68 61 6e 64 6c 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 62 75 74 74 6f 6e 2c 2e 6d 65 6a 73 2d 63 68 61 70 74 65 72 73 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 62 75 74 74 6f 6e 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e
                                                                                                                                                                                                                                        Data Ascii: 0;position:absolute}.mejs-horizontal-volume-current{background:hsla(0,0%,100%,.8);height:100%;top:0;width:100%}.mejs-horizontal-volume-handle{display:none}.mejs-captions-button,.mejs-chapters-button{position:relative}.mejs-captions-button>button{backgroun
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1092INData Raw: 74 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 3a 34 70 78 20 31 30 70 78 20 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 73 65 6c 65 63 74 65 64 2c 2e 6d 65 6a 73 2d 63 68 61 70 74 65 72 73 2d 73 65 6c 65 63 74 65 64 7b 63 6f 6c 6f 72 3a 23 32 31 66 38 66 38 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 74 72 61 6e 73 6c 61 74 69 6f 6e 73 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 35 70 78 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 6c 61 79 65 72 7b 62 6f 74 74 6f 6d 3a 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 65 66 74 3a 30 3b 6c 69 6e
                                                                                                                                                                                                                                        Data Ascii: t:left;font-size:10px;line-height:15px;padding:4px 10px 0;width:100%}.mejs-captions-selected,.mejs-chapters-selected{color:#21f8f8}.mejs-captions-translations{font-size:10px;margin:0 0 5px}.mejs-captions-layer{bottom:0;color:#fff;font-size:16px;left:0;lin
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        6192.168.2.449752104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC706OUTGET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 13 Nov 2019 00:35:29 GMT
                                                                                                                                                                                                                                        ETag: W/"42866-105a-5972f8aadfb21-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4794
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxrUrIu8gc%2FrhIYlGIk573HyKOW%2FWZ5J5kwLx37LK8R%2BFwXGkIEXi5q29WqeIREeAn7hi1WkQmJVsJdhP4ud5vaQJZTANyRdIIZH1cDC0SYqISs4%2Bs6PnQs9%2FNQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb5f2f5b42c2-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC593INData Raw: 31 30 35 61 0d 0a 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 20 2a 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 2c 2e 6d 65 6a 73 2d 65 6d 62 65 64 2c 2e 6d 65 6a 73 2d 65 6d 62 65 64 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 32 32 32 7d 2e 6d 65 6a 73 2d 74 69 6d 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 61 2e 6d 65 6a 73 2d 68 6f 72
                                                                                                                                                                                                                                        Data Ascii: 105a.mejs-container{clear:both;max-width:100%}.mejs-container *{font-family:Helvetica,Arial}.mejs-container,.mejs-container .mejs-controls,.mejs-embed,.mejs-embed body{background:#222}.mejs-time{font-weight:400;word-wrap:normal}.mejs-controls a.mejs-hor
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 20 2e 6d 65 6a 73 2d 74 69 6d 65 2d 72 61 69 6c 20 2e 6d 65 6a 73 2d 74 69 6d 65 2d 74 6f 74 61 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 33 33 29 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 63 75 72 72 65 6e 74 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 74 6f 74 61 6c 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 74 69 6d 65 2d 72 61 69 6c 20 73 70 61
                                                                                                                                                                                                                                        Data Ascii: .mejs-time-rail .mejs-time-total{background:rgba(255,255,255,.33)}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail spa
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 70 2d 76 69 64 65 6f 2d 73 68 6f 72 74 63 6f 64 65 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 76 69 64 65 6f 2d 64 65 74 61 69 6c 73 20 2e 77 70 2d 76 69 64 65 6f 2d 68 6f 6c 64 65 72 7b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 34 30 70 78 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 6d 61 72 67 69 6e 3a 31 32 70 78 20 30 20 31 38 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2e 77 70 2d 61 64 6d 69 6e 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 31 38 70 78 7d 2e 77 70 2d 70
                                                                                                                                                                                                                                        Data Ascii: p-video-shortcode{max-width:100%;display:inline-block}.video-details .wp-video-holder{width:100%;max-width:640px}.wp-playlist{border:1px solid #ccc;padding:10px;margin:12px 0 18px;font-size:14px;line-height:1.5}.wp-admin .wp-playlist{margin:0 0 18px}.wp-p
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC863INData Raw: 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 69 74 65 6d 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 6c 69 67 68 74 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 33 33 33 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 64 61 72 6b 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 64 64 64 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 70 6c 61 79 69 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 37 66 37 66 37 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 6c 69 67 68 74 20 2e 77 70 2d 70 6c
                                                                                                                                                                                                                                        Data Ascii: order-bottom:1px solid #ccc}.wp-playlist-item:last-child{border-bottom:0}.wp-playlist-light .wp-playlist-caption{color:#333}.wp-playlist-dark .wp-playlist-caption{color:#ddd}.wp-playlist-playing{font-weight:700;background:#f7f7f7}.wp-playlist-light .wp-pl
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        7192.168.2.449751104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC716OUTGET /wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.11 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC830INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 246
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=294
                                                                                                                                                                                                                                        ETag: "1012d1-126-614de1d446158-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sat, 30 Mar 2024 10:21:06 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tl8wDVMRk1DGtrq%2BV1NYMO7p0F7u8CF%2BaHQEndoXoi52XiGuwkHilclLZ5so8gU5YaAYmPgpCFMsRp%2Fu9mAsUM9wf4W%2F1e235Daai4q0eys5lWH2dAzeTdldkNI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb605f4a4240-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC246INData Raw: 3a 72 6f 6f 74 7b 2d 2d 65 64 64 2d 62 6c 6f 63 6b 73 2d 6c 69 67 68 74 2d 67 72 65 79 3a 20 23 65 65 65 7d 2e 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 7b 62 6f 72 64 65 72 3a 30 3b 63 6c 69 70 3a 72 65 63 74 28 31 70 78 2c 31 70 78 2c 31 70 78 2c 31 70 78 29 3b 2d 77 65 62 6b 69 74 2d 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 68 65 69 67 68 74 3a 31 70 78 3b 6d 61 72 67 69 6e 3a 2d 31 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 61 64 64 69 6e 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 70 78 3b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 21 69 6d 70 6f 72 74 61 6e 74 7d
                                                                                                                                                                                                                                        Data Ascii: :root{--edd-blocks-light-grey: #eee}.screen-reader-text{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal!important}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        8192.168.2.449750104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC709OUTGET /wp-content/plugins/redux-framework/redux-core/assets/css/extendify-utilities.css?ver=4.4.15 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC831INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 53369
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=53435
                                                                                                                                                                                                                                        ETag: "104096-d0bb-61478c65a0e6c-gzip"
                                                                                                                                                                                                                                        Last-Modified: Mon, 25 Mar 2024 09:26:56 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1774
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edfhMDNQe50RdqHv2x9bxAi4POTC36Jyo5SlZwB6aEyRkoJIln0YdIS9noofx%2Bry6Z6Y4cOVZHrwKLLb2ml%2BMBl4gxfQjIv2iAyGBOcyUqMnOLzR9MypmU3RQvo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb5f38c60f6b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC538INData Raw: 2e 74 65 78 74 2d 73 74 72 6f 6b 65 2c 2e 74 65 78 74 2d 73 74 72 6f 6b 65 2d 2d 70 72 69 6d 61 72 79 2c 2e 74 65 78 74 2d 73 74 72 6f 6b 65 2d 2d 73 65 63 6f 6e 64 61 72 79 7b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 74 72 6f 6b 65 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d 77 70 2d 2d 63 75 73 74 6f 6d 2d 2d 74 79 70 6f 67 72 61 70 68 79 2d 2d 74 65 78 74 2d 73 74 72 6f 6b 65 2d 77 69 64 74 68 2c 32 70 78 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 61 62 73 6f 6c 75 74 65 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 72 69 6e 67 2d 74 6f 2d 66 72 6f 6e 74 2c 2e 65 78 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 69 6d 61 67 65 2c 2e 65 78 74 2d 72 65 6c 61 74 69 76 65 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74
                                                                                                                                                                                                                                        Data Ascii: .text-stroke,.text-stroke--primary,.text-stroke--secondary{-webkit-text-stroke-width:var(--wp--custom--typography--text-stroke-width,2px)!important}.ext-absolute{position:absolute!important}.bring-to-front,.ext .wp-block-image,.ext-relative{position:relat
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 72 69 67 68 74 2d 62 61 73 65 7b 72 69 67 68 74 3a 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 72 69 67 68 74 2d 6c 67 7b 72 69 67 68 74 3a 76 61 72 28 2d 2d 65 78 74 65 6e 64 69 66 79 2d 2d 73 70 61 63 69 6e 67 2d 2d 6c 61 72 67 65 2c 33 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 2d 72 69 67 68 74 2d 62 61 73 65 7b 72 69 67 68 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 20 2a 20 2d 31 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 2d 72 69 67 68 74 2d 6c 67 7b 72 69 67 68 74 3a 63 61 6c 63 28 76 61
                                                                                                                                                                                                                                        Data Ascii: !important}.ext-right-base{right:var(--wp--style--block-gap,1.75rem)!important}.ext-right-lg{right:var(--extendify--spacing--large,3rem)!important}.ext--right-base{right:calc(var(--wp--style--block-gap,1.75rem) * -1)!important}.ext--right-lg{right:calc(va
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 74 2d 63 6f 6c 2d 73 70 61 6e 2d 38 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 73 70 61 6e 20 38 2f 73 70 61 6e 20 38 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 73 70 61 6e 2d 39 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 73 70 61 6e 20 39 2f 73 70 61 6e 20 39 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 73 70 61 6e 2d 31 30 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 73 70 61 6e 20 31 30 2f 73 70 61 6e 20 31 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 73 70 61 6e 2d 31 31 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 73 70 61 6e 20 31 31 2f 73 70 61 6e 20 31 31 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 73 70 61 6e 2d 31 32 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 73 70 61 6e 20 31 32 2f 73 70 61 6e 20 31 32
                                                                                                                                                                                                                                        Data Ascii: t-col-span-8{grid-column:span 8/span 8!important}.ext-col-span-9{grid-column:span 9/span 9!important}.ext-col-span-10{grid-column:span 10/span 10!important}.ext-col-span-11{grid-column:span 11/span 11!important}.ext-col-span-12{grid-column:span 12/span 12
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 74 7d 2e 65 78 74 2d 63 6f 6c 2d 65 6e 64 2d 31 30 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 65 6e 64 3a 31 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 65 6e 64 2d 31 31 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 65 6e 64 3a 31 31 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 65 6e 64 2d 31 32 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 65 6e 64 3a 31 32 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 65 6e 64 2d 31 33 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 65 6e 64 3a 31 33 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 63 6f 6c 2d 65 6e 64 2d 61 75 74 6f 7b 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 65 6e 64 3a 61 75 74 6f 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 72 6f 77 2d 61 75 74 6f 7b 67 72 69 64 2d 72 6f 77 3a 61
                                                                                                                                                                                                                                        Data Ascii: t}.ext-col-end-10{grid-column-end:10!important}.ext-col-end-11{grid-column-end:11!important}.ext-col-end-12{grid-column-end:12!important}.ext-col-end-13{grid-column-end:13!important}.ext-col-end-auto{grid-column-end:auto!important}.ext-row-auto{grid-row:a
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 5d 29 7b 6d 61 72 67 69 6e 3a 61 75 74 6f 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 6d 2d 62 61 73 65 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 6d 2d 6c 67 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 65 78 74 65 6e 64 69 66 79 2d 2d 73 70 61 63 69 6e 67 2d 2d 6c 61 72 67 65 2c 33 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 2d 6d 2d 62 61 73 65 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 3a 63 61 6c 63 28 76 61 72 28 2d 2d 77 70 2d 2d 73 74
                                                                                                                                                                                                                                        Data Ascii: ]){margin:auto!important}.ext-m-base:not([style*=margin]){margin:var(--wp--style--block-gap,1.75rem)!important}.ext-m-lg:not([style*=margin]){margin:var(--extendify--spacing--large,3rem)!important}.ext--m-base:not([style*=margin]){margin:calc(var(--wp--st
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 6d 79 2d 61 75 74 6f 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 61 75 74 6f 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 61 75 74 6f 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 20 68 32 2c 2e 65 78 74 2d 6d 79 2d 62 61 73 65 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 21 69 6d 70 6f 72 74
                                                                                                                                                                                                                                        Data Ascii: !important}.ext-my-auto:not([style*=margin]){margin-top:auto!important;margin-bottom:auto!important}.ext h2,.ext-my-base:not([style*=margin]){margin-top:var(--wp--style--block-gap,1.75rem)!important;margin-bottom:var(--wp--style--block-gap,1.75rem)!import
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 7d 2e 65 78 74 2d 2d 6d 74 2d 62 61 73 65 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 63 61 6c 63 28 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 20 2a 20 2d 31 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 2d 6d 74 2d 6c 67 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 63 61 6c 63 28 76 61 72 28 2d 2d 65 78 74 65 6e 64 69 66 79 2d 2d 73 70 61 63 69 6e 67 2d 2d 6c 61 72 67 65 2c 33 72 65 6d 29 20 2a 20 2d 31 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 6d 72 2d 30 2e 61 6c 69 67 6e 66 75 6c 6c 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 3a 6e 6f 74 28 5b 73 74
                                                                                                                                                                                                                                        Data Ascii: }.ext--mt-base:not([style*=margin]){margin-top:calc(var(--wp--style--block-gap,1.75rem) * -1)!important}.ext--mt-lg:not([style*=margin]){margin-top:calc(var(--extendify--spacing--large,3rem) * -1)!important}.ext-mr-0.alignfull:not([style*=margin]):not([st
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 62 6f 74 74 6f 6d 3a 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 6d 62 2d 6c 67 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 76 61 72 28 2d 2d 65 78 74 65 6e 64 69 66 79 2d 2d 73 70 61 63 69 6e 67 2d 2d 6c 61 72 67 65 2c 33 72 65 6d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 2d 2d 6d 62 2d 62 61 73 65 3a 6e 6f 74 28 5b 73 74 79 6c 65 2a 3d 6d 61 72 67 69 6e 5d 29 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 63 61 6c 63 28 76 61 72 28 2d 2d 77 70 2d 2d 73 74 79 6c 65 2d 2d 62 6c 6f 63 6b 2d 67 61 70 2c 31 2e 37 35 72 65 6d 29 20 2a 20 2d 31 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65
                                                                                                                                                                                                                                        Data Ascii: bottom:var(--wp--style--block-gap,1.75rem)!important}.ext-mb-lg:not([style*=margin]){margin-bottom:var(--extendify--spacing--large,3rem)!important}.ext--mb-base:not([style*=margin]){margin-bottom:calc(var(--wp--style--block-gap,1.75rem) * -1)!important}.e
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 74 20 5b 64 61 74 61 2d 74 79 70 65 3d 22 63 6f 72 65 2f 73 70 61 63 65 72 22 5d 20 2e 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 73 70 61 63 65 72 5f 5f 72 65 73 69 7a 65 2d 63 6f 6e 74 61 69 6e 65 72 3a 3a 62 65 66 6f 72 65 2c 2e 65 64 69 74 6f 72 5c 3a 6e 6f 2d 63 61 70 74 69 6f 6e 20 2e 62 6c 6f 63 6b 2d 65 64 69 74 6f 72 2d 72 69 63 68 2d 74 65 78 74 5f 5f 65 64 69 74 61 62 6c 65 2c 2e 65 64 69 74 6f 72 5c 3a 6e 6f 2d 69 6e 73 65 72 74 65 72 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 3a 6e 6f 74 28 2e 69 73 2d 73 65 6c 65 63 74 65 64 29 3e 2e 62 6c 6f 63 6b 2d 6c 69 73 74 2d 61 70 70 65 6e 64 65 72 2c 2e 65 64 69 74 6f 72 5c 3a 6e 6f 2d 69 6e 73 65 72 74 65 72 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 5f 5f 69 6e 6e 65 72 2d 63 6f 6e 74
                                                                                                                                                                                                                                        Data Ascii: t [data-type="core/spacer"] .block-library-spacer__resize-container::before,.editor\:no-caption .block-editor-rich-text__editable,.editor\:no-inserter .wp-block-column:not(.is-selected)>.block-list-appender,.editor\:no-inserter .wp-block-cover__inner-cont
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC1369INData Raw: 2d 33 7b 67 72 69 64 2d 74 65 6d 70 6c 61 74 65 2d 63 6f 6c 75 6d 6e 73 3a 72 65 70 65 61 74 28 33 2c 6d 69 6e 6d 61 78 28 30 2c 31 66 72 29 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 20 2e 65 78 74 2d 67 72 69 64 2d 63 6f 6c 73 2d 34 3e 5b 63 6c 61 73 73 2a 3d 5f 69 6e 6e 65 72 2d 63 6f 6e 74 61 69 6e 65 72 5d 2c 2e 65 78 74 2d 67 72 69 64 2d 63 6f 6c 73 2d 34 7b 67 72 69 64 2d 74 65 6d 70 6c 61 74 65 2d 63 6f 6c 75 6d 6e 73 3a 72 65 70 65 61 74 28 34 2c 6d 69 6e 6d 61 78 28 30 2c 31 66 72 29 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 65 78 74 20 2e 65 78 74 2d 67 72 69 64 2d 63 6f 6c 73 2d 35 3e 5b 63 6c 61 73 73 2a 3d 5f 69 6e 6e 65 72 2d 63 6f 6e 74 61 69 6e 65 72 5d 2c 2e 65 78 74 2d 67 72 69 64 2d 63 6f 6c 73 2d 35 7b 67 72 69 64 2d 74 65 6d 70 6c
                                                                                                                                                                                                                                        Data Ascii: -3{grid-template-columns:repeat(3,minmax(0,1fr))!important}.ext .ext-grid-cols-4>[class*=_inner-container],.ext-grid-cols-4{grid-template-columns:repeat(4,minmax(0,1fr))!important}.ext .ext-grid-cols-5>[class*=_inner-container],.ext-grid-cols-5{grid-templ


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        9192.168.2.449753104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC716OUTGET /wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC829INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 262
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=364
                                                                                                                                                                                                                                        ETag: "fef53-16c-61364bd276298-gzip"
                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Mar 2024 16:07:31 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1774
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwwhmRZfbGaCwZHBu2cGGAoMJIMoVnsilm9yzPpSzb8BeMXFe%2BNaLo8AFuGkbVAOMyUh79hE%2BfbG5zPXdbCuUNki8gED8Q9OCMz4oxZQzs0%2FjxsyM0y27sPe%2B0U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb5f8f27c440-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC262INData Raw: 2e 65 64 64 2d 70 72 69 63 65 2d 72 6f 77 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 7d 2e 65 64 64 2d 70 72 69 63 65 2d 68 65 61 64 69 6e 67 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 65 64 64 2d 63 68 65 63 6b 6f 75 74 2d 73 74 72 69 6b 65 74 68 72 6f 75 67 68 2d 70 72 69 63 65 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6c 69 6e 65 2d 74 68 72 6f 75 67 68 3b 63 6f 6c 6f 72 3a 72 65 64 7d 2e 65 64 64 2d 63 68 65 63 6b 6f 75 74 2d 73 61 6c 65 2d 70 72 69 63 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 65 64 64 2d 63 68 65 63 6b 6f 75 74 2d 72 65 67 75 6c 61 72 2d 70 72 69 63 65 7b 66 6f 6e 74 2d 77 65 69 67
                                                                                                                                                                                                                                        Data Ascii: .edd-price-row{text-align:center;font-size:1.2em;line-height:1.2em}.edd-price-heading{text-align:center}.edd-checkout-strikethrough-price{text-decoration:line-through;color:red}.edd-checkout-sale-price{font-weight:700}.edd-checkout-regular-price{font-weig


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        10192.168.2.449756104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC698OUTGET /wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Mon, 18 Mar 2024 16:01:32 GMT
                                                                                                                                                                                                                                        ETag: W/"1073c1-48a-613f178ad7b65-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1774
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvSvYt0oXkqScvZwsEDejqaec74mKvUjU7RSuizt9p6Jd1zGqSF4PRq4tKVA0%2FjpF6oqwn8U6xJl6%2BlicLfjZ0e%2Bk%2BaHDZ0nY%2FXkvTxHKePZLr2jUzLHFxjtvPE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb606ec54201-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC593INData Raw: 34 38 61 0d 0a 2e 74 6d 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 74 6d 6c 20 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 66 69 65 6c 64 2d 77 72 61 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 2e 35 65 6d 20 30 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 63 68 65 63 6b 62 6f 78 2b 2e 74 6d 6c 2d 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 66 69 65 6c 64 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 64 65 73 63 72 69 70 74 69 6f 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e
                                                                                                                                                                                                                                        Data Ascii: 48a.tml{font-size:1em}.tml *{box-sizing:border-box}.tml .tml-field-wrap{margin-bottom:1em}.tml .tml-label{display:block;margin:.5em 0}.tml .tml-checkbox+.tml-label{display:inline}.tml .tml-field{width:100%}.tml .tml-description{display:block;font-size:.
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC576INData Raw: 6c 65 66 74 2d 63 6f 6c 6f 72 3a 23 64 63 33 32 33 32 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 61 63 74 69 6f 6e 2d 63 6f 6e 66 69 72 6d 61 63 74 69 6f 6e 20 2e 73 75 63 63 65 73 73 2c 2e 74 6d 6c 20 2e 74 6d 6c 2d 73 75 63 63 65 73 73 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 23 34 36 62 34 35 30 7d 23 70 61 73 73 2d 73 74 72 65 6e 67 74 68 2d 72 65 73 75 6c 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 65 65 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 63 6f 6c 6f 72 3a 23 32 33 32 38 32 64 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 6f 70 61 63 69 74 79 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 70 61 64 64 69 6e 67 3a 2e 35 65 6d 7d 23 70 61 73 73 2d 73 74 72 65 6e 67 74 68 2d
                                                                                                                                                                                                                                        Data Ascii: left-color:#dc3232}.tml .tml-action-confirmaction .success,.tml .tml-success{border-left-color:#46b450}#pass-strength-result{background-color:#eee;border:1px solid #ddd;color:#23282d;font-weight:700;opacity:0;margin-bottom:1em;padding:.5em}#pass-strength-
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        11192.168.2.449755151.101.192.1764437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC517OUTGET /v3/?ver=v3 HTTP/1.1
                                                                                                                                                                                                                                        Host: js.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC625INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Length: 619030
                                                                                                                                                                                                                                        Last-Modified: Fri, 26 Apr 2024 18:01:23 GMT
                                                                                                                                                                                                                                        ETag: "206d0cb0f8a398cba3f6c5c045508c70"
                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                        Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                        strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        access-control-allow-origin: *
                                                                                                                                                                                                                                        server: Fastly
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Age: 0
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Via: 1.1 varnish
                                                                                                                                                                                                                                        X-Request-ID: ba3d39ec-bb74-4d34-8e65-3f906d0fc518
                                                                                                                                                                                                                                        X-Served-By: cache-lga21961-LGA
                                                                                                                                                                                                                                        X-Cache: HIT
                                                                                                                                                                                                                                        X-Cache-Hits: 0
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        Timing-Allow-Origin: *
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 76 61 72 20 6e 3d 6f 5b 74 5d 3b 69 66 28 76 6f 69 64 20 30 21 3d 3d 6e 29 72 65 74 75 72 6e 20 6e 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 61 3d 6f 5b 74 5d 3d 7b 69 64 3a 74 2c 6c 6f 61 64 65 64 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 72 5b 74 5d 28 61 2c 61 2e 65 78 70 6f 72 74 73 2c 65 29 2c 61 2e 6c 6f 61 64 65 64 3d 21 30 2c 61 2e 65 78 70 6f 72 74 73 7d 76 61 72 20 74 2c 6e 2c 72 3d 7b 37 32 33 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 6c 2e 6c 65 6e 67 74 68 7c 7c 28 69 28 29 2c 21 30 29 2c 6c 5b 6c 2e 6c 65 6e 67 74 68 5d 3d 65 7d 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                                        Data Ascii: !function(){function e(t){var n=o[t];if(void 0!==n)return n.exports;var a=o[t]={id:t,loaded:!1,exports:{}};return r[t](a,a.exports,e),a.loaded=!0,a.exports}var t,n,r={723:function(e,t,n){"use strict";function r(e){l.length||(i(),!0),l[l.length]=e}function
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 22 2c 4e 55 3a 22 4e 55 22 2c 4e 5a 3a 22 4e 5a 22 2c 4f 4d 3a 22 4f 4d 22 2c 50 41 3a 22 50 41 22 2c 50 45 3a 22 50 45 22 2c 50 46 3a 22 50 46 22 2c 50 47 3a 22 50 47 22 2c 50 48 3a 22 50 48 22 2c 50 4b 3a 22 50 4b 22 2c 50 4c 3a 22 50 4c 22 2c 50 4d 3a 22 50 4d 22 2c 50 4e 3a 22 50 4e 22 2c 50 52 3a 22 50 52 22 2c 50 53 3a 22 50 53 22 2c 50 54 3a 22 50 54 22 2c 50 59 3a 22 50 59 22 2c 51 41 3a 22 51 41 22 2c 52 45 3a 22 52 45 22 2c 52 4f 3a 22 52 4f 22 2c 52 53 3a 22 52 53 22 2c 52 55 3a 22 52 55 22 2c 52 57 3a 22 52 57 22 2c 53 41 3a 22 53 41 22 2c 53 42 3a 22 53 42 22 2c 53 43 3a 22 53 43 22 2c 53 44 3a 22 53 44 22 2c 53 45 3a 22 53 45 22 2c 53 47 3a 22 53 47 22 2c 53 48 3a 22 53 48 22 2c 53 49 3a 22 53 49 22 2c 53 4a 3a 22 53 4a 22 2c 53 4b 3a 22 53
                                                                                                                                                                                                                                        Data Ascii: ",NU:"NU",NZ:"NZ",OM:"OM",PA:"PA",PE:"PE",PF:"PF",PG:"PG",PH:"PH",PK:"PK",PL:"PL",PM:"PM",PN:"PN",PR:"PR",PS:"PS",PT:"PT",PY:"PY",QA:"QA",RE:"RE",RO:"RO",RS:"RS",RU:"RU",RW:"RW",SA:"SA",SB:"SB",SC:"SC",SD:"SD",SE:"SE",SG:"SG",SH:"SH",SI:"SI",SJ:"SJ",SK:"S
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 3d 28 66 2e 48 2c 5b 22 6c 69 6e 65 49 74 65 6d 73 22 5d 29 2c 79 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 28 30 2c 61 2e 5a 29 28 7b 61 70 70 6c 65 50 61 79 3a 28 30 2c 69 2e 6a 74 29 28 69 2e 6b 77 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 28 30 2c 6f 2e 5a 29 28 70 2e 73 67 29 29 29 2c 67 6f 6f 67 6c 65 50 61 79 3a 28 30 2c 69 2e 6a 74 29 28 69 2e 6b 77 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 28 30 2c 6f 2e 5a 29 28 70 2e 73 67 29 29 29 2c 70 61 79 70 61 6c 3a 28 30 2c 69 2e 6a 74 29 28 69 2e 6b 77 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 28 30 2c 6f 2e 5a 29 28 70 2e 55 51 29 29 29 2c 6c 69 6e 6b 3a 28 30 2c 69 2e 6a 74 29 28 69 2e 6b 77 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 28 30 2c 6f 2e 5a 29 28 70 2e 55 51 29 29 29 7d 2c 5f 29 29 2c 76
                                                                                                                                                                                                                                        Data Ascii: =(f.H,["lineItems"]),y=Object.freeze((0,a.Z)({applePay:(0,i.jt)(i.kw.apply(void 0,(0,o.Z)(p.sg))),googlePay:(0,i.jt)(i.kw.apply(void 0,(0,o.Z)(p.sg))),paypal:(0,i.jt)(i.kw.apply(void 0,(0,o.Z)(p.UQ))),link:(0,i.jt)(i.kw.apply(void 0,(0,o.Z)(p.UQ)))},_)),v
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 61 72 20 72 3d 6e 28 31 34 31 33 29 2c 6f 3d 6e 28 39 30 36 32 29 2c 61 3d 6e 28 32 33 33 34 29 2c 69 3d 6e 28 36 39 37 37 29 2c 63 3d 6e 28 31 38 37 33 29 2c 73 3d 6e 28 38 38 31 32 29 2c 75 3d 6e 28 32 30 32 34 29 2c 6c 3d 6e 28 32 33 37 35 29 2c 64 3d 6e 28 34 38 36 37 29 2c 70 3d 6e 28 31 37 36 35 29 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 28 30 2c 70 2e 75 4e 29 28 65 2c 70 2e 4d 34 2e 65 6c 65 6d 65 6e 74 73 5f 63 75 73 74 6f 6d 65 72 73 5f 62 65 74 61 5f 31 29 26 26 28 30 2c 70 2e 75 4e 29 28 65 2c 70 2e 4d 34 2e 65 6c 65 6d 65 6e 74 73 5f 73 61 76 65 64 5f 70 61 79 6d 65 6e 74 5f 6d 65 74 68 6f 64 73 5f 62 65 74 61 5f 31 29 29 74 68 72 6f 77 20 6e 65 77 20 73 2e 4e 6f 28 22 54 68 65 20 22 2e 63 6f 6e 63 61 74 28 70 2e 4d 34 2e 65 6c
                                                                                                                                                                                                                                        Data Ascii: ar r=n(1413),o=n(9062),a=n(2334),i=n(6977),c=n(1873),s=n(8812),u=n(2024),l=n(2375),d=n(4867),p=n(1765),m=function(e){if((0,p.uN)(e,p.M4.elements_customers_beta_1)&&(0,p.uN)(e,p.M4.elements_saved_payment_methods_beta_1))throw new s.No("The ".concat(p.M4.el
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 6c 69 73 74 65 6e 65 72 52 65 67 69 73 74 72 79 2c 73 3d 65 2e 62 65 74 61 73 2c 75 3d 65 2e 61 70 70 50 61 72 61 6d 73 3b 72 65 74 75 72 6e 28 30 2c 61 2e 5a 29 28 74 68 69 73 2c 74 29 2c 28 72 3d 6e 2e 63 61 6c 6c 28 74 68 69 73 29 29 2e 5f 73 65 6e 64 46 41 52 65 71 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 28 30 2c 70 2e 54 6f 29 28 65 2e 74 61 67 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 5f 28 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 2e 5f 72 65 71 75 65 73 74 73 5b 74 5d 3d 7b 72 65 73 6f 6c 76 65 3a 6e 2c 72 65 6a 65 63 74 3a 6f 7d 2c 72 2e 5f 73 65 6e 64 28 7b 6d 65 73 73 61 67 65 3a 7b 61 63 74 69 6f 6e 3a 22 73 74 72 69 70 65 2d 66 72 61 6d 65 2d 61 63 74 69 6f 6e 22 2c 70 61 79 6c 6f 61 64 3a 7b 6e 6f 6e 63 65 3a 74 2c 66 61
                                                                                                                                                                                                                                        Data Ascii: listenerRegistry,s=e.betas,u=e.appParams;return(0,a.Z)(this,t),(r=n.call(this))._sendFAReq=function(e){var t=(0,p.To)(e.tag);return new _((function(n,o){r._requests[t]={resolve:n,reject:o},r._send({message:{action:"stripe-frame-action",payload:{nonce:t,fa
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 6b 65 79 73 28 6e 29 3b 70 3c 6d 2e 6c 65 6e 67 74 68 3b 70 2b 2b 29 7b 76 61 72 20 66 3d 6d 5b 70 5d 2c 5f 3d 6e 5b 66 5d 3b 6e 75 6c 6c 3d 3d 3d 5f 7c 7c 22 6f 62 6a 65 63 74 22 21 3d 74 79 70 65 6f 66 20 5f 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 5f 2e 70 69 70 65 3f 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 5f 26 26 28 5f 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 5f 3f 72 2e 69 6e 63 6c 75 64 65 73 28 6e 5b 66 5d 29 3f 61 5b 66 5d 3d 22 5b 43 69 72 63 75 6c 61 72 5d 22 3a 28 73 2b 2b 2c 61 5b 66 5d 3d 64 28 6e 5b 66 5d 29 29 3a 61 5b 66 5d 3d 5f 29 3a 61 5b 66 5d 3d 22 5b 6f 62 6a 65 63 74 20 53 74 72 65 61 6d 5d 22 7d 66 6f 72 28 76 61 72 20 68 3d 30 2c 79 3d 79 65 3b 68 3c 79 2e 6c 65 6e 67 74 68
                                                                                                                                                                                                                                        Data Ascii: keys(n);p<m.length;p++){var f=m[p],_=n[f];null===_||"object"!=typeof _||"function"!=typeof _.pipe?"function"!=typeof _&&(_&&"object"==typeof _?r.includes(n[f])?a[f]="[Circular]":(s++,a[f]=d(n[f])):a[f]=_):a[f]="[object Stream]"}for(var h=0,y=ye;h<y.length
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 27 61 6c 6c 6f 77 2d 73 61 6d 65 2d 6f 72 69 67 69 6e 27 20 69 66 20 73 61 6e 64 62 6f 78 65 64 2e 22 29 29 7d 7d 2c 38 35 33 39 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 74 72 79 7b 69 66 28 65 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 29 72 65 74 75 72 6e 20 65 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 2e 73 72 63 3b 76 61 72 20 74 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 27 73 63 72 69 70 74 5b 73 72 63 5e 3d 22 27 2e 63 6f 6e 63 61 74 28 69 2c 27 22 5d 27 29 29 2c 6e 3d 28 30 2c 61 2e 73 45 29 28 74 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 28 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 73 72 63 22 29 7c 7c 22 22 29 2e 73
                                                                                                                                                                                                                                        Data Ascii: 'allow-same-origin' if sandboxed."))}},8539:function(e,t,n){"use strict";function r(e){try{if(e.currentScript)return e.currentScript.src;var t=e.querySelectorAll('script[src^="'.concat(i,'"]')),n=(0,a.sE)(t,(function(e){var t=(e.getAttribute("src")||"").s
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 7b 69 64 3a 74 5b 31 5d 2c 63 6c 69 65 6e 74 53 65 63 72 65 74 3a 74 5b 30 5d 2c 74 79 70 65 3a 22 53 45 54 55 50 5f 49 4e 54 45 4e 54 22 7d 3a 6e 75 6c 6c 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 70 61 79 6d 65 6e 74 5f 69 6e 74 65 6e 74 22 3d 3d 3d 65 2e 6f 62 6a 65 63 74 3f 7b 69 64 3a 65 2e 69 64 2c 63 6c 69 65 6e 74 53 65 63 72 65 74 3a 65 2e 63 6c 69 65 6e 74 5f 73 65 63 72 65 74 2c 74 79 70 65 3a 22 50 41 59 4d 45 4e 54 5f 49 4e 54 45 4e 54 22 7d 3a 7b 69 64 3a 65 2e 69 64 2c 63 6c 69 65 6e 74 53 65 63 72 65 74 3a 65 2e 63 6c 69 65 6e 74 5f 73 65 63 72 65 74 2c 74 79 70 65 3a 22 53 45 54 55 50 5f 49 4e 54 45 4e 54 22 7d 7d 2c 6c 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 72 65 71 75 69 72 65 73 5f 73 6f
                                                                                                                                                                                                                                        Data Ascii: {id:t[1],clientSecret:t[0],type:"SETUP_INTENT"}:null},u=function(e){return"payment_intent"===e.object?{id:e.id,clientSecret:e.client_secret,type:"PAYMENT_INTENT"}:{id:e.id,clientSecret:e.client_secret,type:"SETUP_INTENT"}},l=function(e){return"requires_so
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4f 62 6a 65 63 74 29 7d 2c 77 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 62 28 65 29 3f 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 3f 65 2e 73 6c 69 63 65 28 30 2c 65 2e 6c 65 6e 67 74 68 29 3a 28 30 2c 72 2e 5a 29 28 7b 7d 2c 65 29 3a 65 7d 2c 6b 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 72 3d 6e 65 77 20 41 72 72 61 79 28 6e 29 2c 6f 3d 30 3b 6f 3c 6e 3b 6f 2b 2b 29 72 5b 6f 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6f 5d 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 72 5b 30 5d 29 26 26 74 29 72 65 74 75 72 6e 20 77 28 72 5b 30 5d 29 3b 76 61 72 20
                                                                                                                                                                                                                                        Data Ascii: .constructor===Object)},w=function(e){return b(e)?Array.isArray(e)?e.slice(0,e.length):(0,r.Z)({},e):e},k=function e(t){return function(){for(var n=arguments.length,r=new Array(n),o=0;o<n;o++)r[o]=arguments[o];if(Array.isArray(r[0])&&t)return w(r[0]);var
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC16384INData Raw: 3d 65 2c 72 7d 28 30 2c 61 2e 5a 29 28 74 2c 65 29 3b 76 61 72 20 6e 3d 28 30 2c 69 2e 5a 29 28 74 29 3b 72 65 74 75 72 6e 28 30 2c 72 2e 5a 29 28 74 29 7d 28 28 30 2c 6e 28 37 31 31 32 29 2e 5a 29 28 45 72 72 6f 72 29 29 7d 2c 38 38 31 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 46 37 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 46 7d 2c 4e 6f 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 2e 4e 7d 2c 6b 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 6b 7d 7d 29 3b 76 61 72 20 72 3d 6e 28 34 30 38 36 29 2c 6f 3d 6e 28 33 39 37 33 29 2c 61 3d 28 6e 28 38 31 30 32 29 2c 6e 28 35 31 29 29 7d 2c 32 38 32 36 3a 66 75 6e 63 74 69 6f 6e 28 65
                                                                                                                                                                                                                                        Data Ascii: =e,r}(0,a.Z)(t,e);var n=(0,i.Z)(t);return(0,r.Z)(t)}((0,n(7112).Z)(Error))},8812:function(e,t,n){"use strict";n.d(t,{F7:function(){return a.F},No:function(){return o.N},kp:function(){return r.k}});var r=n(4086),o=n(3973),a=(n(8102),n(51))},2826:function(e


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        12192.168.2.449757104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC714OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC827INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 6964
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=9123
                                                                                                                                                                                                                                        ETag: "1020ca-23a3-615c1f675be6a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1773
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKrKGqlywiuZnnDZtzWhFi6ehVgBqnmSO9I3Ous5Rb4fX4vFYQZpR4Jo2lX5qlAaqo%2FWFoixl2X8BUfkF1ES63eulwfwiurr8bB2UCVGIfUvb13Rwry034TD9IA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb61c93842de-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC542INData Raw: 23 66 61 6e 63 79 62 6f 78 2d 6c 6f 61 64 69 6e 67 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 30 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 32 30 70 78 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7a 2d 69 6e 64 65 78 3a 31 31 30 34 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 66 61 6e 63 79 62 6f 78 2d 6c 6f 61 64 69 6e 67 20 64 69 76 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 38 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d
                                                                                                                                                                                                                                        Data Ascii: #fancybox-loading{position:fixed;top:50%;left:50%;width:40px;height:40px;margin-top:-20px;margin-left:-20px;cursor:pointer;overflow:hidden;z-index:1104;display:none}#fancybox-loading div{position:absolute;top:0;left:0;width:40px;height:480px;background-im
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 7d 23 66 61 6e 63 79 62 6f 78 2d 63 6f 6e 74 65 6e 74 7b 77 69 64 74 68 3a 30 3b 68 65 69 67 68 74 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7a 2d 69 6e 64 65 78 3a 31 31 30 32 3b 62 6f 72 64 65 72 3a 30 20 73 6f 6c 69 64 20 23 66 66 66 7d 23 66 61 6e 63 79 62 6f 78 2d 68 69 64 65 2d 73 65 6c 2d 66 72 61 6d 65 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65
                                                                                                                                                                                                                                        Data Ascii: ter{position:relative;width:100%;height:100%;background:#fff}#fancybox-content{width:0;height:0;padding:0;outline:none;position:relative;overflow:hidden;z-index:1102;border:0 solid #fff}#fancybox-hide-sel-frame{position:absolute;top:0;left:0;width:100%;he
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 61 6e 63 79 62 6f 78 2d 72 69 67 68 74 3a 68 6f 76 65 72 20 73 70 61 6e 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 32 30 70 78 7d 2e 66 61 6e 63 79 62 6f 78 2d 62 67 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 62 6f 72 64 65 72 3a 30 3b 77 69 64 74 68 3a 32 30 70 78 3b 68 65 69 67 68 74 3a 32 30 70 78 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 31 7d 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 6e 7b 74 6f 70 3a 2d 32 30 70 78 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 66 61 6e 63 79 62 6f 78 2d 78 2e 70 6e 67 29 7d 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 6e 65 7b 74 6f 70 3a 2d 32 30 70 78 3b 72 69 67 68 74 3a 2d 32
                                                                                                                                                                                                                                        Data Ascii: ancybox-right:hover span{left:auto;right:20px}.fancybox-bg{position:absolute;padding:0;margin:0;border:0;width:20px;height:20px;z-index:1001}#fancybox-bg-n{top:-20px;left:0;width:100%;background-image:url(fancybox-x.png)}#fancybox-bg-ne{top:-20px;right:-2
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 30 3b 62 6f 74 74 6f 6d 3a 2d 32 30 70 78 3b 68 65 69 67 68 74 3a 33 32 70 78 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 77 72 61 70 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 3b 77 69 64 74 68 3a 61 75 74 6f 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 77 72 61 70 20 74 64 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 6c 65 66 74 7b 70 61 64 64 69 6e 67 3a 30 20 30 20 30 20 31 35 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 66 61 6e 63 79 62 6f
                                                                                                                                                                                                                                        Data Ascii: {position:absolute;left:0;bottom:-20px;height:32px}#fancybox-title-float-wrap{border:none;border-collapse:collapse;width:auto}#fancybox-title-float-wrap td{border:none;white-space:nowrap}#fancybox-title-float-left{padding:0 0 0 15px;background:url(fancybo
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 74 2d 6d 61 69 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 74 69 74 6c 65 5f 6d 61 69 6e 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f 78 2d 69 65 36 20 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72
                                                                                                                                                                                                                                        Data Ascii: t-main{background:0 0;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_title_main.png',sizingMethod='scale')}.fancybox-ie6 #fancybox-title-float-right{background:0 0;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sr
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC946INData Raw: 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 73 68 61 64 6f 77 5f 65 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f 78 2d 69 65 20 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 73 65 7b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 73 68 61 64 6f 77 5f 73 65 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f 78 2d 69 65
                                                                                                                                                                                                                                        Data Ascii: XImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_shadow_e.png',sizingMethod='scale')}.fancybox-ie #fancybox-bg-se{filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_shadow_se.png',sizingMethod='scale')}.fancybox-ie


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        13192.168.2.449758104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC697OUTGET /wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.11 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC785INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sat, 30 Mar 2024 10:21:06 GMT
                                                                                                                                                                                                                                        ETag: W/"10110b-4b57-614de1d43e457-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WVK0%2B89jEdQtoQRP5AQV51ecTuglcgoP4UdWMMIG%2Ft%2BUt%2FGUCUVdHtibKe0%2F3DfHBoJeVZPuJzpBD15lggaNd0AkTX%2Blvpftb%2F8oiFW2%2FZHJVeipSjVV2hm%2B54%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb63791a421f-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC584INData Raw: 34 62 35 37 0d 0a 2e 65 64 64 2d 69 63 6f 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 69 6c 6c 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 61 6e 69 6d 61 74 69 6f 6e 3a 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 20 32 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 7d 40 6b 65 79 66 72 61 6d 65 73 20 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 2e
                                                                                                                                                                                                                                        Data Ascii: 4b57.edd-icon{display:inline-block;fill:currentColor;position:relative;vertical-align:middle}.edd-icon-spin{display:inline-block;animation:edd-icon-spin 2s linear infinite}@keyframes edd-icon-spin{0%{transform:rotate(0deg)}to{transform:rotate(359deg)}}.
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 20 2e 65 64 64 5f 63 61 72 74 5f 68 65 61 64 65 72 5f 72 6f 77 20 74 68 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 66 61 66 61 3b 70 61 64 64 69 6e 67 3a 31 2e 33 38 37 65 6d 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 2e 65 64 64 5f 63 61 72 74 5f 64 69 73 63 6f 75 6e 74 5f 72 6f 77 20 74 68 2c 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 2e 65 64 64 5f 63 61 72 74 5f 74 61 78 5f 72 6f 77 20 74 68 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 74 68 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 74 64 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 35 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69
                                                                                                                                                                                                                                        Data Ascii: .edd_cart_header_row th{background:#fafafa;padding:1.387em}#edd_checkout_cart .edd_cart_discount_row th,#edd_checkout_cart .edd_cart_tax_row th{background:none}#edd_checkout_cart th{font-weight:700}#edd_checkout_cart td{line-height:25px;vertical-align:mi
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 65 69 67 68 74 3a 34 30 30 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 6c 65 67 65 6e 64 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 30 25 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 72 65 6d 3b 70 61 64 64 69 6e 67 3a 30 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b
                                                                                                                                                                                                                                        Data Ascii: eight:400;text-decoration:none}#edd_checkout_form_wrap legend{display:block;font-size:120%;line-height:1;font-weight:700;width:100%;margin:0 0 1rem;padding:0;white-space:nowrap}#edd_checkout_form_wrap label{font-weight:700;display:block;position:relative;
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 5d 2b 6c 61 62 65 6c 3a 61 66 74 65 72 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 38 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 20 69 6d 67 2e 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 7b 6d 61 78 2d 68 65 69 67 68 74 3a 33 32 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 20 2e 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 7b 6d 61 72 67 69 6e 3a 30 20 31 30 70 78 20 30 20 30 7d 23 65 64 64
                                                                                                                                                                                                                                        Data Ascii: ]+label:after{display:inline}#edd_checkout_form_wrap .edd-payment-icons{display:flex;margin:0 0 8px}#edd_checkout_form_wrap .edd-payment-icons img.payment-icon{max-height:32px}#edd_checkout_form_wrap .edd-payment-icons .payment-icon{margin:0 10px 0 0}#edd
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 2c 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 63 61 72 74 2d 61 64 6a 75 73 74 6d 65 6e 74 20 69 6e 70 75 74 2e 65 64 64 2d 73 75 62 6d 69 74 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 63 61 72 74 2d 61 64 6a 75 73 74 6d 65 6e 74 20 69 6e 70 75 74 2e 65 64 64 2d 73 75 62 6d 69 74 7b 70 61 64 64 69 6e 67 3a 33 70 78 20 31 32 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 23 65 64 64 2d 64 69 73 63 6f 75 6e 74 2d 65 72 72 6f 72 2d 77 72 61 70 7b 77 69 64 74 68 3a 31 30 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65
                                                                                                                                                                                                                                        Data Ascii: ,#edd_checkout_form_wrap .edd-cart-adjustment input.edd-submit{display:inline-block}#edd_checkout_form_wrap .edd-cart-adjustment input.edd-submit{padding:3px 12px;margin-bottom:2px}#edd_checkout_form_wrap #edd-discount-error-wrap{width:100%;display:inline
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 65 72 2e 76 61 6c 69 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 64 61 74 61 3a 69 6d 61 67 65 2f 73 76 67 2b 78 6d 6c 3b 63 68 61 72 73 65 74 3d 55 53 2d 41 53 43 49 49 2c 25 33 43 73 76 67 25 32 30 78 6d 6c 6e 73 25 33 44 25 32 32 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 77 33 2e 6f 72 67 25 32 46 32 30 30 30 25 32 46 73 76 67 25 32 32 25 32 30 66 69 6c 6c 25 33 44 25 32 32 6e 6f 6e 65 25 32 32 25 32 30 76 69 65 77 42 6f 78 25 33 44 25 32 32 30 25 32 30 30 25 32 30 32 34 25 32 30 32 34 25 32 32 25 32 30 73 74 72 6f 6b 65 2d 77 69 64 74 68 25 33 44 25 32 32 31 2e 35 25 32 32 25 32 30 73 74 72 6f 6b 65 25 33 44 25 32 32 67 72 65 65 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 70 61 74 68 25 32 30 73 74 72 6f
                                                                                                                                                                                                                                        Data Ascii: er.valid{background-image:url(data:image/svg+xml;charset=US-ASCII,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20fill%3D%22none%22%20viewBox%3D%220%200%2024%2024%22%20stroke-width%3D%221.5%22%20stroke%3D%22green%22%3E%0A%20%20%3Cpath%20stro
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6c 65 66 74 3a 2d 33 35 70 78 7d 2e 65 64 64 2d 73 75 62 6d 69 74 2e 62 75 74 74 6f 6e 2e 65 64 64 2d 61 6a 61 78 2d 6c 6f 61 64 69 6e 67 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 7d 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72 74 20 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72 74 2d 6c 61 62 65 6c 7b 6f 70 61 63 69 74 79 3a 31 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 31 30 30 29 7d 2e 65 64 64 2d 6c 6f 61 64 69 6e 67 2c 2e 65 64 64 2d 6c 6f 61 64 69 6e 67 3a 61 66 74 65 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 2e 35 65 6d 3b 68 65 69 67 68 74 3a 31 2e 35 65 6d 7d
                                                                                                                                                                                                                                        Data Ascii: :none;position:relative;left:-35px}.edd-submit.button.edd-ajax-loading{padding-right:30px}.edd-add-to-cart .edd-add-to-cart-label{opacity:1;filter:alpha(opacity=100)}.edd-loading,.edd-loading:after{border-radius:50%;display:block;width:1.5em;height:1.5em}
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 61 64 65 72 2e 65 64 64 2d 6c 6f 61 64 69 6e 67 7b 6f 70 61 63 69 74 79 3a 31 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 31 30 30 29 7d 2e 65 64 64 2d 63 61 72 74 2d 61 64 64 65 64 2d 61 6c 65 72 74 7b 63 6f 6c 6f 72 3a 23 35 36 37 36 32 32 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 65 64 64 5f 66 6f 72 6d 20 69 6e 70 75 74 2e 65 64 64 2d 69 6e 70 75 74 2e 72 65 71 75 69 72 65 64 2c 2e 65 64 64 5f 66 6f 72 6d 20 73 65 6c 65 63 74 2e 65 64 64 2d 73 65 6c 65 63 74 2e 72 65 71 75 69 72 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 62 6f 64 79 2e 65 64 64 5f 72 65 63 65 69 70 74 5f 70 61 67 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23
                                                                                                                                                                                                                                        Data Ascii: ader.edd-loading{opacity:1;filter:alpha(opacity=100)}.edd-cart-added-alert{color:#567622;display:block;position:absolute}.edd_form input.edd-input.required,.edd_form select.edd-select.required{color:#000}body.edd_receipt_page{background-color:#fff;color:#
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 5f 70 61 79 6d 65 6e 74 5f 73 74 61 74 75 73 2e 70 65 6e 64 69 6e 67 2c 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 20 2e 65 64 64 5f 72 65 63 65 69 70 74 5f 70 61 79 6d 65 6e 74 5f 73 74 61 74 75 73 2e 72 65 76 6f 6b 65 64 7b 63 6f 6c 6f 72 3a 23 66 37 33 66 32 65 7d 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 70 72 6f 64 75 63 74 73 20 6c 69 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 20 30 20 38 70 78 20 31 30 70 78 7d 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 70 72 6f 64 75 63 74 73 20 75 6c 2e 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 66 69 6c 65 73 2c 74 61 62 6c 65 23 65 64 64 5f 70 75 72
                                                                                                                                                                                                                                        Data Ascii: _payment_status.pending,table#edd_purchase_receipt .edd_receipt_payment_status.revoked{color:#f73f2e}table#edd_purchase_receipt_products li{list-style:none;margin:0 0 8px 10px}table#edd_purchase_receipt_products ul.edd_purchase_receipt_files,table#edd_pur
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 20 2e 65 64 64 2d 69 6e 70 75 74 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 6f 72 6d 20 6c 61 62 65 6c 2c 23 65 64 64 5f 72 65 67 69 73 74 65 72 5f 66 6f 72 6d 20 6c 61 62 65 6c 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 2e 65 64 64 2d 70 72 6f 66 69 6c 65 2d 65 6d 61 69 6c 73 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e
                                                                                                                                                                                                                                        Data Ascii: .edd-input{box-sizing:border-box}#edd_login_form label,#edd_register_form label{cursor:pointer}#edd_profile_editor_form p{margin-bottom:8px}#edd_profile_editor_form label{display:inline-block}#edd_profile_editor_form .edd-profile-emails{list-style-type:n


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        14192.168.2.449760104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC692OUTGET /wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC827INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 1746
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=1747
                                                                                                                                                                                                                                        ETag: "ff698-6d3-60b858a61d46f-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sat, 02 Dec 2023 11:54:00 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3212
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPaSgJtAllstrPBKuZpaRQfGHI9aKtCpxFlTbWOz%2B3CSia4T6zMS1ftQcXgsYEKWdxLlFphqh%2Ba6RT8TE9bOBSvdYHUcOy4zQBOK2mrLJR7GysJFOPPMIgbrGt0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb62ff081811-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC542INData Raw: 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 67 72 65 65 6e 7d 2e 65 64 64 2d 73 6c 2d 69 6e 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 67 72 61 79 7d 2e 65 64 64 2d 73 6c 2d 65 78 70 69 72 65 64 7b 63 6f 6c 6f 72 3a 23 64 63 33 32 33 32 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 2e 76 69 65 77 2d 6b 65 79 2d 77 72 61 70 70 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 69 6e 70 75 74 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 6b 65 79 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b
                                                                                                                                                                                                                                        Data Ascii: .edd-sl-active{color:green}.edd-sl-inactive{color:gray}.edd-sl-expired{color:#dc3232}.edd_sl_license_row .view-key-wrapper{position:relative}.edd_sl_license_row input.edd_sl_license_key{border:none;cursor:pointer;display:block;margin:8px 0 0;outline:none;
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1204INData Raw: 6f 7d 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 2d 6c 69 63 65 6e 73 65 73 20 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 6b 65 79 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 7d 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 66 69 65 6c 64 73 65 74 23 65 64 64 5f 73 6c 5f 72 65 6e 65 77 61 6c 5f 66 69 65 6c 64 73 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 66 61 66 61 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 65 65 65 3b 70 61 64 64 69 6e 67 3a 31 2e 33 38 37 65 6d 7d
                                                                                                                                                                                                                                        Data Ascii: o}.edd-sl-child-licenses .edd_sl_license_key{margin-top:0}.edd-sl-child{margin-bottom:8px}.edd_sl_license_row .edd-sl-child span{display:block}#edd_checkout_form_wrap fieldset#edd_sl_renewal_fields{background:#fafafa;border:1px solid #eee;padding:1.387em}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        15192.168.2.449761104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:19 UTC697OUTGET /wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 126
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=127
                                                                                                                                                                                                                                        ETag: "ff5bc-7f-60b858a34a9a2-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sat, 02 Dec 2023 11:53:57 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FGHCPsp8J6TW2HTk2Mb3NXjGeYrAOaesNcuhq4fg6%2FVHupOKEdmyKAr5opWyBcHO5q%2BwzQiEt085eR73yNFS6jf2g4ihRCwR9W4mblBC9K1JB1DYnR%2Fwoy4PmU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb631ff7424d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC126INData Raw: 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 73 65 6c 65 63 74 6f 72 2d 62 75 74 74 6f 6e 73 20 66 6f 72 6d 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 77 72 61 70 3a 77 72 61 70 3b 67 61 70 3a 35 70 78 7d 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 62 75 74 74 6f 6e 2d 2d 73 65 6c 65 63 74 65 64 7b 6f 70 61 63 69 74 79 3a 2e 36 7d
                                                                                                                                                                                                                                        Data Ascii: .edd-multi-currency-selector-buttons form{display:flex;flex-wrap:wrap;gap:5px}.edd-multi-currency-button--selected{opacity:.6}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        16192.168.2.449762104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC683OUTGET /wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 223
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=255
                                                                                                                                                                                                                                        ETag: "ff71a-ff-615e2e3975a0c-gzip"
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:05 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5O7xAuBZdvF9xT1W6a9BgO0OF57yLkEASrgNJLQe78pCC5NlZ2p1yHIYiLmZHZpi%2BgAd%2FBgwcnzDr%2FMfn9S6vB53XHJwfUm7vJkma6VdQZRbZxIi2Ns08M0Boc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb639a1d5e62-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC223INData Raw: 2e 65 64 64 72 2d 6e 6f 74 69 63 65 7b 6d 61 72 67 69 6e 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 65 64 64 72 2d 6e 6f 74 69 63 65 2e 76 61 72 69 61 62 6c 65 2d 70 72 69 63 65 73 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 65 64 64 72 2d 63 61 72 74 2d 69 74 65 6d 2d 6e 6f 74 69 63 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 35 65 6d 7d 2e 65 64 64 2d 72 65 63 75 72 72 69 6e 67 2d 66 61 69 6c 65 64 2d 6c 69 73 74 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 7d
                                                                                                                                                                                                                                        Data Ascii: .eddr-notice{margin:0;text-align:center}.eddr-notice.variable-prices{text-align:left}.eddr-cart-item-notice{text-align:left;font-size:.75em}.edd-recurring-failed-list span{display:block;padding-left:15px;padding-bottom:5px}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        17192.168.2.449763104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC671OUTGET /wp-content/themes/meminz/css/plugins.css?ver=20231028 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC836INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 250825
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=281976
                                                                                                                                                                                                                                        ETag: "103a33-44d78-608c88ab1cc60-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sat, 28 Oct 2023 15:34:33 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1775
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOgLDzgQoRkCKGL%2FnR1rzCHgkZJ0LmdlHKzkpXYpFm9lX%2BmA2VG4hBRiQNEUK4xSb5mNt0Fj2LwbpBm60hVLm3lHiGbE%2Fscuf3iF9FcBTCso99Pt0jvaNyDObz0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb647bac8c27-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC533INData Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 36 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 35 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 2a 2f 2f 2a 21 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 2a 2f 68 74
                                                                                                                                                                                                                                        Data Ascii: @charset "UTF-8";/*!* Bootstrap v3.3.6 (http://getbootstrap.com)* Copyright 2011-2015 Twitter, Inc.* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*//*!normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css*/ht
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6f 3a 6e 6f 74 28 5b 63 6f 6e 74 72 6f 6c 73 5d 29 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 30 7d 5b 68 69 64 64 65 6e 5d 2c 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 61 3a 61 63 74 69 76 65 2c 61 3a 68 6f 76 65 72 7b 6f 75 74 6c 69 6e 65 3a 30 7d 61 62 62 72 5b 74 69 74 6c 65 5d 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 64 6f 74 74 65 64 7d 62 2c 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 64 66 6e 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 68 31 7b 6d 61 72 67 69 6e 3a 2e 36 37 65 6d 20 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 6d 61 72 6b 7b 63 6f 6c 6f 72
                                                                                                                                                                                                                                        Data Ascii: o:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 63 61 6e 63 65 6c 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 36 32 35 65 6d 20 2e 37 35 65 6d 3b 6d 61 72 67 69 6e 3a 30 20 32 70 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 73 69 6c 76 65 72 7d 6c 65 67 65 6e 64 7b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 3a 30 7d 74 65 78 74 61 72 65
                                                                                                                                                                                                                                        Data Ascii: ;-webkit-appearance:textfield}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}fieldset{padding:.35em .625em .75em;margin:0 2px;border:1px solid silver}legend{padding:0;border:0}textare
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 72 2e 65 6f 74 29 3b 73 72 63 3a 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 65 6f 74 3f 23 69 65 66 69 78 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d
                                                                                                                                                                                                                                        Data Ascii: r.eot);src:url(../fonts/glyphicons-halflings-regular.eot?#iefix) format('embedded-opentype'),url(../fonts/glyphicons-halflings-regular.woff2) format('woff2'),url(../fonts/glyphicons-halflings-regular.woff) format('woff'),url(../fonts/glyphicons-halflings-
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 6f 75 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 69 67 6e 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 39 22 7d 2e 67 6c 79 70 68 69 63
                                                                                                                                                                                                                                        Data Ascii: 13"}.glyphicon-remove:before{content:"\e014"}.glyphicon-zoom-in:before{content:"\e015"}.glyphicon-zoom-out:before{content:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:before{content:"\e018"}.glyphicon-cog:before{content:"\e019"}.glyphic
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6c 79 70 68 69 63 6f 6e 2d 66 6f 6e 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 62 6f 6c 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 69 74 61 6c 69 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 68 65 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 77 69 64 74 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 32 22 7d 2e 67
                                                                                                                                                                                                                                        Data Ascii: lyphicon-font:before{content:"\e047"}.glyphicon-bold:before{content:"\e048"}.glyphicon-italic:before{content:"\e049"}.glyphicon-text-height:before{content:"\e050"}.glyphicon-text-width:before{content:"\e051"}.glyphicon-align-left:before{content:"\e052"}.g
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 74 3a 22 5c 65 30 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 6c 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 69 6e 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 71 75 65 73 74 69 6f 6e
                                                                                                                                                                                                                                        Data Ascii: nt:"\e079"}.glyphicon-chevron-right:before{content:"\e080"}.glyphicon-plus-sign:before{content:"\e081"}.glyphicon-minus-sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e083"}.glyphicon-ok-sign:before{content:"\e084"}.glyphicon-question
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 74 3a 22 5c 65 31 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 74 77 65 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 63 61 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 63 6c 6f 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 73
                                                                                                                                                                                                                                        Data Ascii: nt:"\e113"}.glyphicon-chevron-down:before{content:"\e114"}.glyphicon-retweet:before{content:"\e115"}.glyphicon-shopping-cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\e117"}.glyphicon-folder-open:before{content:"\e118"}.glyphicon-res
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 79 70 68 69 63 6f 6e 2d 6c 69 6e 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 68 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 75 73 68 70 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 75 73 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 67 62 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 61 6c 70
                                                                                                                                                                                                                                        Data Ascii: yphicon-link:before{content:"\e144"}.glyphicon-phone:before{content:"\e145"}.glyphicon-pushpin:before{content:"\e146"}.glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e149"}.glyphicon-sort:before{content:"\e150"}.glyphicon-sort-by-alp
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 69 63 6f 6e 2d 66 6c 6f 70 70 79 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 72 65 64 69 74 2d 63 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 72 61 6e 73 66 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 75 74 6c 65 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 38 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 6d 70 72 65 73 73 65 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 38 31
                                                                                                                                                                                                                                        Data Ascii: icon-floppy-open:before{content:"\e176"}.glyphicon-credit-card:before{content:"\e177"}.glyphicon-transfer:before{content:"\e178"}.glyphicon-cutlery:before{content:"\e179"}.glyphicon-header:before{content:"\e180"}.glyphicon-compressed:before{content:"\e181


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        18192.168.2.449759104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC666OUTGET /wp-content/themes/meminz/style.css?ver=202306092 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC835INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 22480
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=29576
                                                                                                                                                                                                                                        ETag: "103a23-7388-5fdb385c72331-gzip"
                                                                                                                                                                                                                                        Last-Modified: Fri, 09 Jun 2023 14:52:48 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4795
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbI7x3qG%2F5ikjuDmB8w01UxGCf86YW%2FwnBbAaMGXFUwwlK2rl1tjvqqWmr2twRMDe%2FdbOvMMjTuyEuZyEw7RJyiipZi3DxSyLzIbnGCDNd5moCJn5F4%2BgzUf1Ns%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb647bbe0c95-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC534INData Raw: 2e 77 70 2d 63 61 70 74 69 6f 6e 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 77 70 2d 63 61 70 74 69 6f 6e 2d 74 65 78 74 7b 7d 2e 77 70 2d 63 61 70 74 69 6f 6e 20 69 6d 67 7b 7d 2e 67 61 6c 6c 65 72 79 2d 63 61 70 74 69 6f 6e 7b 7d 2e 62 79 70 6f 73 74 61 75 74 68 6f 72 7b 7d 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 61 6c 69 67 6e 6c 65 66 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 61 6c 69 67 6e 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 61 73 69 64 65 3e 2e 77 69 64 67 65 74 20 2a 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 7d 23 77 70 2d 63 61 6c 65 6e 64 61 72 7b 77 69 64 74 68 3a 31 30 30 25 7d 23 77 70 2d 63 61
                                                                                                                                                                                                                                        Data Ascii: .wp-caption{max-width:100%}.wp-caption-text{}.wp-caption img{}.gallery-caption{}.bypostauthor{}.aligncenter{text-align:center}.alignleft{text-align:left}.alignright{text-align:right}aside>.widget *{max-width:100%;height:auto}#wp-calendar{width:100%}#wp-ca
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 69 6e 67 3a 31 30 70 78 7d 2e 73 74 69 63 6b 79 3e 61 72 74 69 63 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 6d 62 2d 31 35 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 35 70 78 7d 2e 77 69 64 67 65 74 5f 61 72 63 68 69 76 65 20 73 65 6c 65 63 74 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 70 61 67 65 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 34 32 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 33 33 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 32 65 6d 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 31 70 78 20 31 70 78 20 31 70 78 20 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 65 64 65 64 65 64 20 23 65 64 65 64 65 64
                                                                                                                                                                                                                                        Data Ascii: ing:10px}.sticky>article{background-color:transparent}.mb-15{margin-bottom:15px}.widget_archive select{width:100%}.page-title{font-size:42px;line-height:48px;margin-bottom:.33em;margin-top:.2em}table{border-width:1px 1px 1px 0;border-color:#ededed #ededed
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 2d 62 67 20 2e 68 6f 6d 65 2d 63 6f 6e 74 61 69 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 7d 2e 76 69 64 65 6f 2d 77 72 61 70 70 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 70 61 64 64 69 6e 67 3a 31 36 30 70 78 20 30 20 30 3b 6d 61 72 67 69 6e 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 30 7d 2e 68 6f 6d 65 2d 73 6c 69 64 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 34 30 70 78 20 30 20 2d 33 32 35 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 6c 69 64 65 72 2d 77 72 61 70 70 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6f 76 65 72 66
                                                                                                                                                                                                                                        Data Ascii: n-bg .home-contain{background:0 0}.video-wrapper{color:#fff;padding:160px 0 0;margin:0;width:100%;height:100%;z-index:0}.home-slider{position:relative;float:left;width:100%;height:auto;margin:40px 0 -325px!important}.slider-wrapper{position:absolute;overf
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 34 38 70 78 3b 68 65 69 67 68 74 3a 32 32 70 78 3b 7a 2d 69 6e 64 65 78 3a 32 3b 62 6f 74 74 6f 6d 3a 2d 32 32 70 78 3b 72 69 67 68 74 3a 31 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 68 35 2c 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 2e 61 75 74 68 6f 72 2d 69 6e 66 6f 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 69 6d
                                                                                                                                                                                                                                        Data Ascii: ition:absolute;width:48px;height:22px;z-index:2;bottom:-22px;right:15px}.testimoni-author{float:right;text-align:right}.testimoni-author h5,.testimoni-author p{margin-bottom:5px}.testimoni-author .author-info{float:left;margin-top:5px}.testimoni-author im
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 3a 63 65 6e 74 65 72 7d 2e 70 72 69 63 69 6e 67 2d 77 72 61 70 70 65 72 20 75 6c 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 69 6d 67 2f 70 72 69 63 69 6e 67 2d 6c 69 6e 65 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 62 6f 74 74 6f 6d 20 63 65 6e 74 65 72 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 38 70 78 7d 2e 70 72 69 63 69 6e 67 2d 77 72 61 70 70 65 72 20 75 6c 20 6c 69 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65
                                                                                                                                                                                                                                        Data Ascii: n:center}.pricing-wrapper ul li{background:url(img/pricing-line.png) no-repeat bottom center;float:left;width:100%;list-style:none;margin:0;padding:20px;font-size:18px;line-height:18px}.pricing-wrapper ul li strong{font-weight:700;text-transform:uppercase
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 34 29 7d 75 6c 2e 6c 69 73 74 46 6f 72 6d 20 6c 69 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 34 29 7d 75 6c 2e 6c 69 73 74 46 6f 72 6d 20 6c 69 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 34 29 3b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 36 29 3b 68 65 69 67 68 74 3a 35 30 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 20 32 35 70 78 20 31 30 70 78 20 38 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e
                                                                                                                                                                                                                                        Data Ascii: 4)}ul.listForm li .form-control::-webkit-input-placeholder{color:rgba(255,255,255,.4)}ul.listForm li .form-control{border:2px solid rgba(255,255,255,.4);color:rgba(255,255,255,.6);height:50px;padding:10px 25px 10px 80px;background:0 0;-webkit-box-shadow:n
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 64 5f 73 65 63 2c 23 64 6f 77 6e 6c 6f 61 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 69 6d 67 2f 62 67 33 2e 6a 70 67 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 61 74 74 61 63 68 6d 65 6e 74 3a 66 69 78 65 64 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 36 70 78 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 64 6f 77 6e 6c 6f 61 64 5f 73 65 63 20 68 33 2c 23 64 6f 77 6e 6c 6f 61 64 20 68 33 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 30 70 78 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6f 6e 74
                                                                                                                                                                                                                                        Data Ascii: d_sec,#download{background-image:url(img/bg3.jpg);background-position:0 0;background-repeat:no-repeat;background-attachment:fixed;text-align:center;font-size:24px;line-height:36px;color:#fff}.download_sec h3,#download h3{margin-bottom:20px;color:#fff;font
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 67 69 73 74 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 77 69 64 74 68 3a 34 32 30 70 78 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 63 6f 6c 6f 72 3a 23 34 39 34 39 34 39 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 2c 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 3a 66 6f 63 75 73 2c 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 3a 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 70 61 64 64 69 6e 67 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 69 6e 2d 77 69 64 74 68 3a 32 36 38 70 78 7d 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 20 69 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b
                                                                                                                                                                                                                                        Data Ascii: gister{background:#fff;border-radius:4px;overflow:hidden;width:420px;height:auto;margin:0 auto;color:#494949;padding:0}.soscial-log,.soscial-log:focus,.soscial-log:active{color:#fff;padding:0;display:inline-block;min-width:268px}.soscial-log i{float:left;
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 7d 2e 6c 6f 67 69 6e 2d 72 65 67 69 73 74 65 72 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 6f
                                                                                                                                                                                                                                        Data Ascii: ease-in-out .15s,-webkit-box-shadow ease-in-out .15s;-o-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}.login-register .form-control::-moz-placeholder{color:#777;o
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 32 30 70 78 7d 61 73 69 64 65 20 2e 77 69 64 67 65 74 20 2e 68 65 61 64 20 73 70 61 6e 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 36 30 70 78 3b 68 65 69 67 68 74 3a 31 70 78 3b 6c 65 66 74 3a 30 3b 62 6f 74 74 6f 6d 3a 2d 31 70 78 7d 2e 72 65 63 65 6e 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 72 65 63 65 6e 74 20 6c 69 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74
                                                                                                                                                                                                                                        Data Ascii: px;margin:0 0 20px}aside .widget .head span{position:absolute;display:block;width:60px;height:1px;left:0;bottom:-1px}.recent{float:left;width:100%;margin:0;padding:0}.recent li{float:left;width:100%;list-style:none;margin:10px 0 20px;padding:0;border-bott


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        19192.168.2.449764104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC694OUTGET /wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC832INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 7857
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=10657
                                                                                                                                                                                                                                        ETag: "103a2b-29a1-528f51cfd1580-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sun, 10 Jan 2016 06:41:42 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4795
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOENcMougCCUqDWyGfFr3kiWuM1X3V%2FGKXLE0gwiyVXyGMaFxFbIZwfwp%2BJKppUqxsQALhRPazRFomX7ESI0Cj%2BhfDLNMbOnqutf7ZcyToeC0XDIqloi5dGXQqA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb659fb3c336-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC537INData Raw: 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 38 33 70 78 29 7b 2e 61 64 6d 69 6e 2d 62 61 72 20 2e 6e 61 76 62 61 72 2d 66 69 78 65 64 2d 74 6f 70 7b 74 6f 70 3a 33 32 70 78 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 38 32 70 78 29 7b 2e 61 64 6d 69 6e 2d 62 61 72 20 2e 6e 61 76 62 61 72 2d 66 69 78 65 64 2d 74 6f 70 7b 74 6f 70 3a 34 36 70 78 7d 7d 2e 63 74 68 2d 73 69 6e 67 6c 65 20 69 6d 67 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 7d 2e 63 74 68 2d 70 61 67 65 63 6f 6e 74 65 6e 74 20 69 6d 67 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67
                                                                                                                                                                                                                                        Data Ascii: @media screen and (min-width:783px){.admin-bar .navbar-fixed-top{top:32px}}@media screen and (min-width:600px) and (max-width:782px){.admin-bar .navbar-fixed-top{top:46px}}.cth-single img{max-width:100%;height:auto}.cth-pagecontent img{max-width:100%;heig
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 65 32 65 32 65 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 7b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 3a 68 6f 76 65 72 2c 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 3a 66 6f 63 75 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d
                                                                                                                                                                                                                                        Data Ascii: l.dropdown-menu>li{background-color:#2e2e2e;padding:0}.meminz_main-nav ul.dropdown-menu>li>a{padding:15px}.meminz_main-nav ul.dropdown-menu>li>a:hover,.meminz_main-nav ul.dropdown-menu>li>a:focus{background-color:transparent}.meminz_main-nav ul.dropdown-m
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 73 68 61 64 6f 77 3a 30 20 33 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 35 29 7d 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 62 6f 64 79 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 70 61 64 64 69 6e 67 3a 30 7d 40 6d 65 64 69 61 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 64 69 61 6c 6f 67 7b 77 69 64 74 68 3a 34 32 30 70 78 3b 6d 61 72 67 69 6e 3a 35 30 70 78 20 61 75 74 6f 7d 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 35 70 78 20 31 35 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 35 29 3b 62 6f 78 2d 73 68 61 64
                                                                                                                                                                                                                                        Data Ascii: shadow:0 3px 9px rgba(0,0,0,.5)}#loginAjaxModal .modal-body{position:relative;padding:0}@media(min-width:768px){#loginAjaxModal .modal-dialog{width:420px;margin:50px auto}#loginAjaxModal .modal-content{-webkit-box-shadow:0 5px 15px rgba(0,0,0,.5);box-shad
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6c 20 6c 69 20 61 3a 62 65 66 6f 72 65 2c 2e 77 69 64 67 65 74 5f 63 61 74 65 67 6f 72 69 65 73 3e 75 6c 20 6c 69 20 61 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 70 65 2d 69 63 6f 6e 2d 37 2d 73 74 72 6f 6b 65 3b 73 70 65 61 6b 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 66 6f 6e 74 2d 76 61 72 69 61 6e 74 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67
                                                                                                                                                                                                                                        Data Ascii: l li a:before,.widget_categories>ul li a:before{display:inline-block;font-family:pe-icon-7-stroke;speak:none;font-style:normal;font-weight:400;font-variant:normal;text-transform:none;line-height:1;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 74 20 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 77 70 74 5f 77 69 64 67 65 74 5f 63 6f 6e 74 65 6e 74 20 2e 74 61 62 2d 63 6f 6e 74 65 6e 74 20 6c 69 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 74 61 67 63 6c 6f 75 64 3e 61 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 63 6f 6c 6f 72 3a 23 36 32 36 32 36 32 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 3b 6d 61 72 67 69 6e 3a 35 70 78 20 31 30 70 78 20 35 70 78 20 30 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 3b 62 6f 72 64 65
                                                                                                                                                                                                                                        Data Ascii: nt ul{padding-left:0!important}.wpt_widget_content .tab-content li{padding-left:0!important}.tagcloud>a{margin:0;padding:0;list-style:none;margin:0;padding:0;color:#626262;float:left;padding:0;border-radius:2px;margin:5px 10px 5px 0;border:1px solid;borde
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 62 6c 65 64 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 5b 64 69 73 61 62 6c 65 64 5d 2c 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 63 75 72 73 6f 72 3a 6e 6f 74 2d 61 6c 6c 6f 77 65 64 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 36 35 29 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 6f 70 61 63 69 74 79 3a 2e 36 35 7d 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 68 6f 76 65 72 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 61 63 74
                                                                                                                                                                                                                                        Data Ascii: bled,#meminz_submit[disabled],fieldset[disabled] #meminz_submit{pointer-events:none;cursor:not-allowed;filter:alpha(opacity=65);-webkit-box-shadow:none;box-shadow:none;opacity:.65}#meminz_submit,#meminz_submit:hover,#meminz_submit:focus,#meminz_submit:act
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC475INData Raw: 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 40 6d 65 64 69 61 28 6d 69 6e 2d 77 69 64 74 68 3a 39 39 32 70 78 29 7b 2e 66 6c 65 78 2d 6e 6f 6e 61 76 20 2e 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 2d 6e 61 76 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 66 6c 65 78 2d 6e 6f 6e 61 76 3a 68 6f 76 65 72 20 2e 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 2d 6e 61 76 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 2e 68 6f 6d 65 2d 77 72 61 70 70 65 72 20 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 77 70 63 66 37 2d 63 61 70 74 63 68 61 72 7b 63 6f 6c 6f 72 3a 23 34 34 34 7d 2e 66 6c 65 78 73 6c 69 64 65 72 20 2e 73 6c 69 64 65 73 20 69 6d 67 2c 2e 69 6d 61 63 2d
                                                                                                                                                                                                                                        Data Ascii: :transparent}@media(min-width:992px){.flex-nonav .flex-direction-nav{display:none}.flex-nonav:hover .flex-direction-nav{display:block}}.home-wrapper .edd_download_purchase_form{display:inline-block}.wpcf7-captchar{color:#444}.flexslider .slides img,.imac-


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        20192.168.2.449765104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC702OUTGET /wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC831INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 3661
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=4102
                                                                                                                                                                                                                                        ETag: "104857-1006-5b7f470ca1ff8-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sun, 03 Jan 2021 00:56:15 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4795
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDkt5QO8K9RmGQJhIgp1jKcUd4EuK0%2BSd8VngY6PWiGqE01vMNGUv9lhuZKQHop2w3NYu4GN7gCj69f4FupUN0pP1ASHr%2BnG0xatgafNLb8mD05ufdqk1bwjpJU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb65bb820f71-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC538INData Raw: 61 2c 61 3a 66 6f 63 75 73 2c 61 3a 68 6f 76 65 72 2c 61 3a 61 63 74 69 76 65 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e
                                                                                                                                                                                                                                        Data Ascii: a,a:focus,a:hover,a:active,.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .n
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 61 64 65 72 20 61 3a 68 6f 76 65 72 20 69 2c 2e 63 6f 75 6e 74 65 72 2d 6e 75 6d 62 65 72 2c 2e 70 72 69 63 69 6e 67 2d 68 65 61 64 2e 70 6f 70 75 6c 61 72 20 2e 70 72 69 63 69 6e 67 2d 70 72 69 63 65 2c 2e 76 61 6c 69 64 61 74 69 6f 6e 2c 2e 77 69 64 67 65 74 5f 6e 61 76 5f 6d 65 6e 75 3e 64 69 76 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 73 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 63 6f 6d 6d 65 6e 74 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 6d 65 74 61 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 61 72 63 68
                                                                                                                                                                                                                                        Data Ascii: ader a:hover i,.counter-number,.pricing-head.popular .pricing-price,.validation,.widget_nav_menu>div>ul li a:hover,.widget_rss>ul li a:hover,.widget_recent_comments>ul li a:hover,.widget_recent_entries>ul li a:hover,.widget_meta>ul li a:hover,.widget_arch
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6e 74 72 6f 6c 73 20 2e 6f 77 6c 2d 62 75 74 74 6f 6e 73 20 64 69 76 2e 6f 77 6c 2d 6e 65 78 74 3a 68 6f 76 65 72 2c 23 74 6f 54 6f 70 48 6f 76 65 72 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 66 6f 63 75 73 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 61 63 74 69 76 65 2c 2e 74 61 67 63 6c 6f 75 64 20 61 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 35 35 65 32 35 7d 2e 74 61 67 63 6c 6f 75 64 3e 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 35 35 65
                                                                                                                                                                                                                                        Data Ascii: ntrols .owl-buttons div.owl-next:hover,#toTopHover,.log-tabs li a,.log-tabs li a:hover,.log-tabs li a:focus,.log-tabs li a:active,.tagcloud a:hover{background-color:#f55e25}.tagcloud>a:hover{text-decoration:none;color:#fff!important;background-color:#f55e
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC385INData Raw: 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76
                                                                                                                                                                                                                                        Data Ascii: ult .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .navbar-nav .dropdown.active a:hover,.nav


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        21192.168.2.449766104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC687OUTGET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: W/"10042c-7171c-615e2e3b5a03e-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4651
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cJ78Bg4oLsWozKRITAMwVNP644s6HKtgERbxt5agDyVWBOQEpOlWZF5vfUpfZ9jxjMtlT6ZUTS203bn%2BeOwF6Jg74AwQUdKMWc%2FkQD5QYtT1us5fz9kPuJLeyU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb663d0272b7-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC597INData Raw: 37 63 61 66 0d 0a 2f 2a 21 0a 20 2a 20 57 50 42 61 6b 65 72 79 20 50 61 67 65 20 42 75 69 6c 64 65 72 20 76 36 2e 30 2e 30 20 28 68 74 74 70 73 3a 2f 2f 77 70 62 61 6b 65 72 79 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 34 20 4d 69 63 68 61 65 6c 20 4d 2c 20 57 50 42 61 6b 65 72 79 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 43 6f 6d 6d 65 72 63 69 61 6c 2e 20 4d 6f 72 65 20 64 65 74 61 69 6c 73 3a 20 68 74 74 70 3a 2f 2f 67 6f 2e 77 70 62 61 6b 65 72 79 2e 63 6f 6d 2f 6c 69 63 65 6e 73 69 6e 67 0a 20 2a 2f 0a 0a 2e 76 63 5f 72 6f 77 3a 61 66 74 65 72 2c 2e 76 63 5f 72 6f 77 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 20 22 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 7d 2e 76 63 5f 72 6f 77 3a 61 66 74 65 72 7b 63 6c
                                                                                                                                                                                                                                        Data Ascii: 7caf/*! * WPBakery Page Builder v6.0.0 (https://wpbakery.com) * Copyright 2011-2024 Michael M, WPBakery * License: Commercial. More details: http://go.wpbakery.com/licensing */.vc_row:after,.vc_row:before{content:" ";display:table}.vc_row:after{cl
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 73 6d 2d 31 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 33 33 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 32 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 36 36 37 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73
                                                                                                                                                                                                                                        Data Ascii: sm-1{position:relative;float:left;width:8.33333333%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-2{position:relative;float:left;width:16.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_res
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 63 6f 6c 2d 73 6d 2d 31 31 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 32 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70
                                                                                                                                                                                                                                        Data Ascii: col-sm-11{position:relative;float:left;width:91.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-12{position:relative;float:left;width:100%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_resp
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6d 2d 32 5c 2f 35 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 34 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 33 5c 2f 35 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 36 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f
                                                                                                                                                                                                                                        Data Ascii: m-2\/5{position:relative;float:left;width:40%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-3\/5{position:relative;float:left;width:60%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 2d 33 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 34 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 35 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 36 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 37 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 38 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 39 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 30 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 31 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 32 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 32 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 33 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 34 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 35 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 36 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 37 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 38 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 39 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69
                                                                                                                                                                                                                                        Data Ascii: -3,.vc_col-sm-4,.vc_col-sm-5,.vc_col-sm-6,.vc_col-sm-7,.vc_col-sm-8,.vc_col-sm-9,.vc_col-xs-1,.vc_col-xs-10,.vc_col-xs-11,.vc_col-xs-12,.vc_col-xs-2,.vc_col-xs-3,.vc_col-xs-4,.vc_col-xs-5,.vc_col-xs-6,.vc_col-xs-7,.vc_col-xs-8,.vc_col-xs-9{position:relati
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 2e 76 63 5f 63 6f 6c 2d 78 73 2d 32 7b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 7b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 32 7b 72 69 67 68 74 3a 31 30 30 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 31 7b 72 69 67 68 74 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 30 7b 72 69 67 68 74 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 39 7b 72 69 67 68 74 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 38 7b 72 69 67 68 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 37 7b 72 69 67
                                                                                                                                                                                                                                        Data Ascii: .vc_col-xs-2{width:16.66666667%}.vc_col-xs-1{width:8.33333333%}.vc_col-xs-pull-12{right:100%}.vc_col-xs-pull-11{right:91.66666667%}.vc_col-xs-pull-10{right:83.33333333%}.vc_col-xs-pull-9{right:75%}.vc_col-xs-pull-8{right:66.66666667%}.vc_col-xs-pull-7{rig
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 61 72 67 69 6e 2d 6c 65 66 74 3a 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 6f 66 66 73 65 74 2d 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 6f 66 66 73 65 74 2d 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 31 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 32 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 33 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 34 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 35 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 31 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 32 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 33 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 34 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d
                                                                                                                                                                                                                                        Data Ascii: argin-left:16.66666667%}.vc_col-xs-offset-1{margin-left:8.33333333%}.vc_col-xs-offset-0{margin-left:0}.vc_col-lg-1\/5,.vc_col-lg-2\/5,.vc_col-lg-3\/5,.vc_col-lg-4\/5,.vc_col-lg-5\/5,.vc_col-md-1\/5,.vc_col-md-2\/5,.vc_col-md-3\/5,.vc_col-md-4\/5,.vc_col-m
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 32 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 33 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 34 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 35 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e
                                                                                                                                                                                                                                        Data Ascii: rse .vc_col-xs-1\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-2\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-3\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-4\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-5\/5,[dir=rtl] .vc_rtl-columns-reverse .
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 5f 63 6f 6c 2d 73 6d 2d 39 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 32 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 31 7b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 30 7b 77 69 64 74 68 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 39 7b 77 69 64 74 68 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 38 7b 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 37 7b 77 69 64 74 68 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 36 7b 77 69 64 74 68 3a 35 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 35 7b 77 69 64 74 68 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d
                                                                                                                                                                                                                                        Data Ascii: _col-sm-9{float:right}.vc_col-sm-12{width:100%}.vc_col-sm-11{width:91.66666667%}.vc_col-sm-10{width:83.33333333%}.vc_col-sm-9{width:75%}.vc_col-sm-8{width:66.66666667%}.vc_col-sm-7{width:58.33333333%}.vc_col-sm-6{width:50%}.vc_col-sm-5{width:41.66666667%}
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 38 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 37 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 36 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 35 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 34 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76
                                                                                                                                                                                                                                        Data Ascii: }.vc_col-sm-offset-9{margin-left:75%}.vc_col-sm-offset-8{margin-left:66.66666667%}.vc_col-sm-offset-7{margin-left:58.33333333%}.vc_col-sm-offset-6{margin-left:50%}.vc_col-sm-offset-5{margin-left:41.66666667%}.vc_col-sm-offset-4{margin-left:33.33333333%}.v


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        22192.168.2.449767104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC688OUTGET /wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sun, 13 Dec 2020 20:33:11 GMT
                                                                                                                                                                                                                                        ETag: W/"338a8c-93d-5b65e6f23c1a9-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4795
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xOFnkb9x%2FL2UXLk9bj%2F7aqY34nFt4KKl4zhRKGG6b3FdDdDPo0GebMMHm3D9HX0uraYdhwpFfLu7dFiJGi4KtVu25hOXkUByX%2FwtLdix2Mj7bClFNx9jCklJq8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb664b2e8cb9-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC597INData Raw: 39 33 64 0d 0a 2e 74 6d 6c 2d 6c 6f 67 69 6e 2c 2e 74 6d 6c 2d 72 65 67 69 73 74 65 72 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 7b 6d 61 78 2d 77 69 64 74 68 3a 33 32 30 70 78 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 7b 6d 61 72 67 69 6e 3a 32 65 6d 20 30 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 75 6c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 7d 75 6c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 6c 69 7b 6d 61 72 67 69
                                                                                                                                                                                                                                        Data Ascii: 93d.tml-login,.tml-register,.tml-social-divider,.tml-social-providers{max-width:320px}.tml-social-divider{margin:2em 0}.tml-social-divider span{display:none}ul.tml-social-providers{list-style:none;margin:0 auto;padding:0}ul.tml-social-providers li{margi
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 65 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 2e 35 65 6d 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 20 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 2d 74 65 78 74 7b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 2d 63 65 6c 6c 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 35 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 61 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 3a 6c 69 6e 6b 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 61 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 3a 76 69 73 69 74 65 64 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e
                                                                                                                                                                                                                                        Data Ascii: e;display:inline-block;width:1.5em}.tml-social-provider .tml-social-provider-text{display:table-cell;padding-left:1em;line-height:2.5}.tml-social-providers a.tml-social-provider:link,.tml-social-providers a.tml-social-provider:visited{-webkit-box-shadow:n
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC406INData Raw: 72 6f 76 69 64 65 72 73 2d 64 69 76 69 64 65 72 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 2d 64 69 76 69 64 65 72 3a 62 65 66 6f 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 62 62 62 3b 63 6f 6e 74 65 6e 74 3a 27 27 3b 68 65 69 67 68 74 3a 31 70 78 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 30 3b 74 6f 70 3a 31 65 6d 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 2d 64 69 76 69 64 65 72 20 73 70 61 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 6f 72 64 65 72
                                                                                                                                                                                                                                        Data Ascii: roviders-divider{margin-bottom:1em;position:relative;text-align:center}.tml-social-providers-divider:before{background:#bbb;content:'';height:1px;left:0;position:absolute;right:0;top:1em;width:100%}.tml-social-providers-divider span{background:#fff;border
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        23192.168.2.449768104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC671OUTGET /wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC834INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:20 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 107771
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=107794
                                                                                                                                                                                                                                        ETag: "100191-1a512-615c502d5f969-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 21:49:20 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1774
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25NTpYOarU2X3qjeXe30fklvFoUhCO5bfPt%2BSsvQ4w6Gkr9StuKvzNZRr3XKOpxbh3pyg%2FtL8Cpssb5iofPcvBqg4NXpexMM04JfdkNXQbzUtpALqj4Np22UMeI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb671eb143d6-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC535INData Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 77 69 70 65 72 2d 69 63 6f 6e 73 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 73 72 63 3a 75 72 6c 28 22 64 61 74 61 3a 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 6f 6e 74 2d 77 6f 66 66 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3b 62 61 73 65 36 34 2c 20 64 30 39 47 52 67 41 42 41 41 41 41 41 41 5a 67 41 42 41 41 41 41 41 41 44 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 42 47 52 6c 52 4e 41 41 41 47 52 41 41 41 41 42 6f 41 41 41 41 63 69 36 71 48 6b 55 64 45 52 55 59 41 41 41 57 67 41 41 41 41 49 77 41 41 41 43 51 41 59 41
                                                                                                                                                                                                                                        Data Ascii: @charset "UTF-8";@font-face{font-family:swiper-icons;font-style:normal;font-weight:400;src:url("data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYA
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 41 41 41 46 6f 41 41 41 42 61 46 51 41 55 47 47 31 68 65 48 41 41 41 41 47 38 41 41 41 41 48 77 41 41 41 43 41 41 63 41 42 41 62 6d 46 74 5a 51 41 41 41 2f 67 41 41 41 45 35 41 41 41 43 58 76 46 64 42 77 6c 77 62 33 4e 30 41 41 41 46 4e 41 41 41 41 47 49 41 41 41 43 45 35 73 37 34 68 58 6a 61 59 32 42 6b 59 47 41 41 59 70 66 35 48 75 2f 6a 2b 57 32 2b 4d 6e 41 7a 4d 59 44 41 7a 61 58 36 51 6a 44 36 2f 34 2f 2f 42 78 6a 35 47 41 38 41 75 52 77 4d 59 47 6b 41 50 79 77 4c 31 33 6a 61 59 32 42 6b 59 47 41 38 38 50 38 41 67 78 34 6a 2b 2f 38 66 51 44 59 66 41 31 41 45 42 57 67 44 41 49 42 32 42 4f 6f 41 65 4e 70 6a 59 47 52 67 59 4e 42 68 34 47 64 67 59 67 41 42 45 4d 6e 49 41 42 4a 7a 59 4e 41 44 43 51 41 41 43 57 67 41 73 51 42 34 32 6d 4e 67 59 66 7a 43 4f
                                                                                                                                                                                                                                        Data Ascii: AAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCO
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 53 53 6c 34 37 2b 51 63 72 31 6d 59 4e 41 41 41 41 65 4e 70 74 77 30 63 4b 77 6b 41 41 41 4d 44 5a 4a 41 38 51 37 4f 55 4a 76 6b 4c 73 50 66 5a 36 7a 46 56 45 52 50 79 38 71 48 68 32 59 45 52 2b 33 69 2f 42 50 38 33 76 49 42 4c 4c 79 53 73 6f 4b 69 6d 72 71 4b 71 70 61 32 68 70 36 2b 6a 71 36 52 73 59 47 68 6d 62 6d 4a 71 5a 53 79 30 73 72 61 78 74 62 4f 33 73 48 52 79 64 6e 45 4d 55 34 75 52 36 79 78 37 4a 4a 58 76 65 50 37 57 72 44 79 63 41 41 41 41 41 41 41 48 2f 2f 77 41 43 65 4e 70 6a 59 47 52 67 59 4f 41 42 59 68 6b 67 5a 67 4a 43 5a 67 5a 4e 42 6b 59 47 4c 51 5a 74 49 4a 73 46 4c 4d 59 41 41 41 77 33 41 4c 67 41 65 4e 6f 6c 69 7a 45 4b 67 44 41 51 42 43 63 68 52 62 43 32 73 46 45 52 30 59 44 36 71 56 51 69 42 43 76 2f 48 39 65 7a 47 49 36 5a 35 58
                                                                                                                                                                                                                                        Data Ascii: SSl47+Qcr1mYNAAAAeNptw0cKwkAAAMDZJA8Q7OUJvkLsPfZ6zFVERPy8qHh2YER+3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5X
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 76 65 72 74 69 63 61 6c 7b 74 6f 75 63 68 2d 61 63 74 69 6f 6e 3a 70 61 6e 2d 78 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 69 6e 76 69 73 69 62 6c 65 2d 62 6c 61 6e 6b 7b 76 69 73 69 62 69 6c
                                                                                                                                                                                                                                        Data Ascii: swiper-container-pointer-events.swiper-container-vertical{touch-action:pan-x}.jp-carousel-overlay .swiper-slide{flex-shrink:0;height:100%;position:relative;transition-property:transform;width:100%}.jp-carousel-overlay .swiper-slide-invisible-blank{visibil
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 31 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 33 64 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 6c 65 66 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 32 37 30 64 65 67 2c 23 30 30 30 30 30 30 38 30 2c 23 30 30 30 30 29 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 33 64 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61
                                                                                                                                                                                                                                        Data Ascii: ;position:absolute;top:0;width:100%;z-index:10}.jp-carousel-overlay .swiper-container-3d .swiper-slide-shadow-left{background-image:linear-gradient(270deg,#00000080,#0000)}.jp-carousel-overlay .swiper-container-3d .swiper-slide-shadow-right{background-ima
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 6f 6e 2d 73 69 7a 65 29 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 63 61 6c 63 28 30 70 78 20 2d 20 76 61 72 28 2d 2d 73 77 69 70 65 72 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 73 69 7a 65 29 2f 32 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 35 30 25 3b 77 69 64 74 68 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 77 69 70 65 72 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 73 69 7a 65 29 2f 34 34 2a 32 37 29 3b 7a 2d 69 6e 64 65 78 3a 31 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 6e 65 78 74 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 64 69 73 61 62 6c 65 64 2c 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61
                                                                                                                                                                                                                                        Data Ascii: on-size);justify-content:center;margin-top:calc(0px - var(--swiper-navigation-size)/2);position:absolute;top:50%;width:calc(var(--swiper-navigation-size)/44*27);z-index:10}.jp-carousel-overlay .swiper-button-next.swiper-button-disabled,.jp-carousel-overla
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 76 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 62 6c 61 63 6b 7b 2d 2d 73 77 69 70 65 72 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 6f 70 61 63 69 74 79 20 2e 33 73 3b 7a 2d 69 6e 64 65 78 3a 31 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f
                                                                                                                                                                                                                                        Data Ascii: v.swiper-button-black{--swiper-navigation-color:#000}.jp-carousel-overlay .swiper-button-lock{display:none}.jp-carousel-overlay .swiper-pagination{position:absolute;text-align:center;transform:translateZ(0);transition:opacity .3s;z-index:10}.jp-carousel-o
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 2d 6e 65 78 74 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 33 33 29 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 38 70 78 3b 6f 70 61 63 69 74 79 3a 2e 32 3b 77 69 64 74 68 3a 38 70 78 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 62 75 74 74 6f 6e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 62
                                                                                                                                                                                                                                        Data Ascii: -next{transform:scale(.33)}.jp-carousel-overlay .swiper-pagination-bullet{background:#000;border-radius:50%;display:inline-block;height:8px;opacity:.2;width:8px}.jp-carousel-overlay button.swiper-pagination-bullet{-webkit-appearance:none;appearance:none;b
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 73 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 73 2d 64 79 6e 61 6d 69 63 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 72 61 6e 73 66 6f 72 6d 20 2e 32 73 2c 6c 65 66 74 20 2e 32 73 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2e
                                                                                                                                                                                                                                        Data Ascii: anslateX(-50%);white-space:nowrap}.jp-carousel-overlay .swiper-container-horizontal>.swiper-pagination-bullets.swiper-pagination-bullets-dynamic .swiper-pagination-bullet{transition:transform .2s,left .2s}.jp-carousel-overlay .swiper-container-horizontal.
                                                                                                                                                                                                                                        2024-04-27 00:35:20 UTC1369INData Raw: 2d 2d 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 6c 61 63 6b 7b 2d 2d 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 7a 6f 6f 6d 2d 63 6f 6e 74 61 69 6e 65 72 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6a
                                                                                                                                                                                                                                        Data Ascii: --swiper-pagination-color:#fff}.jp-carousel-overlay .swiper-pagination-black{--swiper-pagination-color:#000}.jp-carousel-overlay .swiper-pagination-lock{display:none}.jp-carousel-overlay .swiper-zoom-container{align-items:center;display:flex;height:100%;j


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        24192.168.2.449774104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC640OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC818INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:22 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoRauqJ6MyYJIdNz%2Bf0QUnVR84fUGTwwQ5w89i6ZMefFvZ3ojMoIW6rkIXsFwwK0SjzbDal5Lf9KGNjkRj1TzAV9gAVVtIYYwkQeOnOUZTXWlYtIdtMIn5Z4I8Y%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb6fbb6380d3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC551INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a
                                                                                                                                                                                                                                        Data Ascii: ult .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61 2e 62
                                                                                                                                                                                                                                        Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a.b
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC582INData Raw: 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e 65 64
                                                                                                                                                                                                                                        Data Ascii: or: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .ed
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        25192.168.2.449770104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC689OUTGET /wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC793INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Tue, 16 Apr 2024 14:58:19 GMT
                                                                                                                                                                                                                                        ETag: W/"1030b9-2da9-61637f7f1d006-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4797
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZjSHG1dVOTJFdXtk7LCc7P0DO7ca1dPbmV9y6vvYZZ%2B1n4rqUYBkB%2BQ4SU0N%2FZ%2BKO1YEzhsik%2FLneAwXn2a0K5Qq0dPToQAtwAJDz%2BGTWCAmcpnorErcjfoVt4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb6fbaae0f74-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC576INData Raw: 32 64 61 39 0d 0a 3b 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 5b 5d 2c 69 3d 27 27 2c 72 3d 21 31 3b 74 68 69 73 2e 73 65 74 4c 61 73 74 43 6c 69 63 6b 65 64 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 29 7b 74 3d 74 79 70 65 6f 66 20 74 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 74 3a 5b 5d 3b 6e 3d 74 79 70 65 6f 66 20 6e 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 6e 3a 5b 5d 3b 69 3d 74 79 70 65 6f 66 20 69 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 69 3a 21 31 3b 65 2e 76 61 6c 75 65 73 41 72 72 61 79 3d 74 3b 65 2e 66 69 65 6c 64 73 41 72 72 61 79 3d 6e 7d 3b 74 68 69 73 2e 67 65 74 4c 61 73 74 43 6c 69 63 6b 65 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65
                                                                                                                                                                                                                                        Data Ascii: 2da9;var MonsterInsights=function(){var e=[],i='',r=!1;this.setLastClicked=function(t,n,i){t=typeof t!=='undefined'?t:[];n=typeof n!=='undefined'?n:[];i=typeof i!=='undefined'?i:!1;e.valuesArray=t;e.fieldsArray=n};this.getLastClicked=function(){return e
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 78 4f 66 28 69 29 3d 3d 3d 2d 31 29 7b 63 6f 6e 74 69 6e 75 65 7d 3b 69 66 28 6e 26 26 6e 2e 69 6e 64 65 78 4f 66 28 69 29 3e 2d 31 29 7b 63 6f 6e 74 69 6e 75 65 7d 3b 6c 5b 69 5d 3d 65 5b 69 5d 7d 3b 72 65 74 75 72 6e 20 6c 7d 3b 66 75 6e 63 74 69 6f 6e 20 62 28 65 2c 74 2c 6e 29 7b 69 66 28 21 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 7c 7c 65 21 3d 3d 27 65 76 65 6e 74 27 29 7b 72 65 74 75 72 6e 7d 3b 76 61 72 20 69 3d 6e 2e 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 7c 7c 27 27 2c 61 3d 5b 27 65 76 65 6e 74 5f 6e 61 6d 65 27 2c 27 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 27 2c 27 65 76 65 6e 74 5f 6c 61 62 65 6c 27 2c 27 76 61 6c 75 65 27 2c 5d 2c 6c 3d 70 28 6e 2c 6e 75 6c 6c 2c 61 29 3b 6c 2e 61 63 74
                                                                                                                                                                                                                                        Data Ascii: xOf(i)===-1){continue};if(n&&n.indexOf(i)>-1){continue};l[i]=e[i]};return l};function b(e,t,n){if(!monsterinsights_frontend.v4_id||e!=='event'){return};var i=n.event_category||'',a=['event_name','event_category','event_label','value',],l=p(n,null,a);l.act
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 2e 27 29 3b 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3d 74 2b 27 3d 27 2b 74 2b 27 3b 64 6f 6d 61 69 6e 3d 27 2b 65 2b 27 3b 27 7d 3b 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3d 74 2b 27 3d 3b 65 78 70 69 72 65 73 3d 54 68 75 2c 20 30 31 20 4a 61 6e 20 31 39 37 30 20 30 30 3a 30 30 3a 30 31 20 47 4d 54 3b 64 6f 6d 61 69 6e 3d 27 2b 65 2b 27 3b 27 3b 72 65 74 75 72 6e 20 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 75 28 65 29 7b 65 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 65 3d 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 28 65 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 3d 3d 2d 31 29 3f 65 2e 6c 65 6e 67 74 68 3a 65 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 29 3b 65 3d 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 28 65 2e 69 6e 64 65 78 4f 66 28 27 3f 27 29 3d 3d 2d
                                                                                                                                                                                                                                        Data Ascii: .');document.cookie=t+'='+t+';domain='+e+';'};document.cookie=t+'=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain='+e+';';return e};function u(e){e=e.toString();e=e.substring(0,(e.indexOf('#')==-1)?e.length:e.indexOf('#'));e=e.substring(0,(e.indexOf('?')==-
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 73 65 20 69 66 28 61 26 26 61 2e 6c 65 6e 67 74 68 3e 30 26 26 28 6f 28 61 29 3d 3d 27 6d 61 69 6c 74 6f 27 7c 7c 6f 28 61 29 3d 3d 27 6d 61 69 6c 74 6f 3a 27 29 29 7b 74 3d 27 6d 61 69 6c 74 6f 27 7d 0a 65 6c 73 65 20 69 66 28 72 26 26 6d 26 26 72 2e 6c 65 6e 67 74 68 3e 30 26 26 6d 2e 6c 65 6e 67 74 68 3e 30 26 26 21 72 2e 65 6e 64 73 57 69 74 68 28 27 2e 27 2b 6d 29 26 26 72 21 3d 3d 6d 29 7b 74 3d 27 65 78 74 65 72 6e 61 6c 27 7d 0a 65 6c 73 65 20 69 66 28 6b 26 26 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 6c 29 21 3d 27 7b 7d 27 26 26 6b 2e 6c 65 6e 67 74 68 3e 30 29 7b 76 61 72 20 79 3d 6c 2e 6c 65 6e 67 74 68 3b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 79 3b 6e 2b 2b 29 7b 69 66 28 6c 5b 6e 5d 2e 70 61 74 68 26 26 6c 5b 6e 5d 2e 6c 61 62 65 6c
                                                                                                                                                                                                                                        Data Ascii: se if(a&&a.length>0&&(o(a)=='mailto'||o(a)=='mailto:')){t='mailto'}else if(r&&m&&r.length>0&&m.length>0&&!r.endsWith('.'+m)&&r!==m){t='external'}else if(k&&JSON.stringify(l)!='{}'&&k.length>0){var y=l.length;for(var n=0;n<y;n++){if(l[n].path&&l[n].label
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 0a 65 6c 73 65 20 69 66 28 65 2e 61 6c 74 26 26 65 2e 61 6c 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 29 7b 72 65 74 75 72 6e 20 65 2e 61 6c 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 7d 0a 65 6c 73 65 20 69 66 28 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 26 26 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 29 7b 72 65 74 75 72 6e 20 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 7d 0a 65 6c 73 65 20 69 66 28 65 2e 66 69 72 73 74 43 68 69 6c 64 26 26 65 2e 66 69 72 73 74 43 68 69 6c 64 2e 74 61 67 4e 61 6d 65 3d 3d 27 49 4d 47 27 29 7b 72 65 74 75 72 6e 20 65 2e 66 69 72 73 74 43 68 69 6c 64 2e 73 72 63 7d 0a 65 6c 73 65 7b 72
                                                                                                                                                                                                                                        Data Ascii: else if(e.alt&&e.alt.replace(/\n/ig,'')){return e.alt.replace(/\n/ig,'')}else if(e.textContent&&e.textContent.replace(/\n/ig,'')){return e.textContent.replace(/\n/ig,'')}else if(e.firstChild&&e.firstChild.tagName=='IMG'){return e.firstChild.src}else{r
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 73 2e 64 6f 77 6e 6c 6f 61 64 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 61 27 29 3b 65 2e 68 72 65 66 3d 61 2e 68 72 65 66 3b 65 2e 64 6f 77 6e 6c 6f 61 64 3d 61 2e 64 6f 77 6e 6c 6f 61 64 3b 65 2e 63 6c 69 63 6b 28 29 7d 0a 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 76 7d 7d 2c 45 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 65 78 74 65 72 6e 61 6c 27 3b 74 28 65 29 7d 2c 43 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 69 6e 74 65 72 6e 61 6c 2d 61 73 2d 6f 75 74 62 6f 75 6e 64 27 3b 74 28 65 29 7d 2c 49 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 3b 74 28 65 29 7d 3b 69 66 28
                                                                                                                                                                                                                                        Data Ascii: s.download){var e=document.createElement('a');e.href=a.href;e.download=a.download;e.click()}else{window.location.href=v}},E=function(){e.exit='external';t(e)},C=function(){e.exit='internal-as-outbound';t(e)},I=function(){e.exit='cross-hostname';t(e)};if(
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 65 6c 5f 68 6f 73 74 6e 61 6d 65 2c 6c 69 6e 6b 5f 63 6c 61 73 73 65 73 3a 65 2e 65 6c 5f 63 6c 61 73 73 65 73 2c 6c 69 6e 6b 5f 69 64 3a 65 2e 65 6c 5f 69 64 2c 6f 75 74 62 6f 75 6e 64 3a 21 30 2c 7d 7d 0a 65 6c 73 65 20 69 66 28 6f 3d 3d 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 29 7b 6b 3d 7b 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 3a 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 2c 65 76 65 6e 74 5f 6c 61 62 65 6c 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 74 65 78 74 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 75 72 6c 3a 76 2c 6c 69 6e 6b 5f 64 6f 6d 61 69 6e 3a 65 2e 65 6c 5f 68 6f 73 74 6e 61 6d 65 2c 6c 69 6e 6b 5f 63 6c 61 73 73 65 73 3a 65 2e 65 6c 5f 63 6c 61 73 73 65 73 2c 6c 69 6e 6b 5f 69 64 3a 65 2e 65 6c 5f 69 64
                                                                                                                                                                                                                                        Data Ascii: el_hostname,link_classes:e.el_classes,link_id:e.el_id,outbound:!0,}}else if(o=='cross-hostname'){k={event_category:'cross-hostname',event_label:f||e.title,link_text:f||e.title,link_url:v,link_domain:e.el_hostname,link_classes:e.el_classes,link_id:e.el_id
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 29 7b 6b 2e 74 72 61 6e 73 70 6f 72 74 3d 27 62 65 61 63 6f 6e 27 7d 3b 6c 28 27 65 76 65 6e 74 27 2c 62 7c 7c 76 2c 6b 2c 65 29 3b 73 65 74 54 69 6d 65 6f 75 74 28 70 2c 31 30 30 30 29 7d 7d 0a 65 6c 73 65 20 69 66 28 6f 3d 3d 27 65 78 74 65 72 6e 61 6c 27 29 7b 72 3d 21 30 3b 77 69 6e 64 6f 77 2e 6f 6e 62 65 66 6f 72 65 75 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6b 3d 7b 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 3a 27 6f 75 74 62 6f 75 6e 64 2d 6c 69 6e 6b 27 2c 65 76 65 6e 74 5f 6c 61 62 65 6c 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 65 76 65 6e 74 5f 63 61 6c 6c 62 61 63 6b 3a 70 2c 69 73 5f 61 66 66 69 6c 69 61 74 65 5f 6c 69 6e 6b 3a 21 31 2c 6c 69 6e 6b 5f 74 65 78 74 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 75 72 6c 3a 76 2c 6c
                                                                                                                                                                                                                                        Data Ascii: ){k.transport='beacon'};l('event',b||v,k,e);setTimeout(p,1000)}}else if(o=='external'){r=!0;window.onbeforeunload=function(t){k={event_category:'outbound-link',event_label:f||e.title,event_callback:p,is_affiliate_link:!1,link_text:f||e.title,link_url:v,l
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 6f 6e 2e 68 61 73 68 3b 66 75 6e 63 74 69 6f 6e 20 6b 28 29 7b 69 66 28 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 68 61 73 68 5f 74 72 61 63 6b 69 6e 67 3d 3d 3d 27 74 72 75 65 27 26 26 66 21 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 26 26 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 29 7b 66 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 3b 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 27 63 6f 6e 66 69 67 27 2c 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 2c 7b 70 61 67 65 5f 70 61 74 68 3a 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 2b 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 2b 6c 6f 63
                                                                                                                                                                                                                                        Data Ascii: on.hash;function k(){if(monsterinsights_frontend.hash_tracking==='true'&&f!=window.location.hash&&monsterinsights_frontend.v4_id){f=window.location.hash;__gtagTracker('config',monsterinsights_frontend.v4_id,{page_path:location.pathname+location.search+loc
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC169INData Raw: 29 2a 4d 61 74 68 2e 66 6c 6f 6f 72 28 4d 61 74 68 2e 61 62 73 28 74 29 29 7d 7d 3b 66 6f 72 28 6e 3d 74 3e 3d 30 3f 4d 61 74 68 2e 6d 69 6e 28 74 2c 69 2d 31 29 3a 69 2d 4d 61 74 68 2e 61 62 73 28 74 29 3b 6e 3e 3d 30 3b 6e 2d 2d 29 7b 69 66 28 6e 20 69 6e 20 6c 26 26 6c 5b 6e 5d 3d 3d 3d 65 29 7b 72 65 74 75 72 6e 20 6e 7d 7d 3b 72 65 74 75 72 6e 2d 31 7d 7d 7d 2c 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4f 62 6a 65 63 74 3d 6e 65 77 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 28 29 3b 0d 0a
                                                                                                                                                                                                                                        Data Ascii: )*Math.floor(Math.abs(t))}};for(n=t>=0?Math.min(t,i-1):i-Math.abs(t);n>=0;n--){if(n in l&&l[n]===e){return n}};return-1}}},MonsterInsightsObject=new MonsterInsights();


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        26192.168.2.449769104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC649OUTGET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC789INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Tue, 07 Nov 2023 20:47:19 GMT
                                                                                                                                                                                                                                        ETag: W/"47576-15601-60996139f53e3-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4797
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uH9VV2t3ZWxkgbdWvKTgG68k3y%2BnkK1l8rYK5r9rVCxwusyp%2B%2FyOFchL%2FVFQxsa3Wc8rNW9bdBNCQv7obPeIfnKfamJTx8WwOnUmFmBrgL0WN4z9JFSAd0SKUAk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb702c5b425d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC580INData Raw: 37 63 39 65 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f
                                                                                                                                                                                                                                        Data Ascii: 7c9e/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Erro
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 74 79 2c 6f 3d 75 65 2e 74 6f 53 74 72 69 6e 67 2c 61 3d 6f 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 2c 6c 65 3d 7b 7d 2c 76 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 54 79 70 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 65 2e 69 74 65 6d 7d 2c 79 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 65 3d 3d 3d 65 2e 77 69 6e 64 6f 77 7d 2c 43 3d 69 65 2e 64 6f 63 75 6d 65 6e 74 2c 75 3d 7b 74 79 70 65 3a 21 30 2c 73 72 63 3a 21 30 2c 6e 6f 6e 63 65 3a 21 30 2c 6e 6f 4d 6f 64 75 6c 65 3a 21 30 7d 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 65 2c 74 2c 6e 29 7b 76
                                                                                                                                                                                                                                        Data Ascii: ty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){v
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 63 65 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 74 2b 31 29 25 32 7d 29 29 7d 2c 6f 64 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 63 65 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 25 32 7d 29 29 7d 2c 65 71 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6e 3d 2b 65 2b 28 65 3c 30 3f 74 3a 30 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 30 3c 3d 6e 26 26 6e 3c 74 3f 5b 74 68 69 73 5b 6e 5d 5d 3a 5b 5d 29 7d 2c 65 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74
                                                                                                                                                                                                                                        Data Ascii: rn this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){ret
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3d 22 22 2c 72 3d 30 2c 69 3d 65 2e 6e 6f 64 65 54 79 70 65 3b 69 66 28 21 69 29 77 68 69 6c 65 28 74 3d 65 5b 72 2b 2b 5d 29 6e 2b 3d 63 65 2e 74 65 78 74 28 74 29 3b 72 65 74 75 72 6e 20 31 3d 3d 3d 69 7c 7c 31 31 3d 3d 3d 69 3f 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3a 39 3d 3d 3d 69 3f 65 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3a 33 3d 3d 3d 69 7c 7c 34 3d 3d 3d 69 3f 65 2e 6e 6f 64 65 56 61 6c 75 65 3a 6e 7d 2c 6d 61 6b 65 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 7c 7c 5b 5d 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 28 63 28 4f 62 6a 65 63 74 28 65 29 29 3f 63 65 2e 6d 65 72 67 65 28 6e 2c 22 73 74 72 69 6e 67 22 3d 3d
                                                                                                                                                                                                                                        Data Ascii: on(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 72 20 66 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 78 38 30 2d 5c 75 46 46 46 46 5c 77 2d 5d 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3f 22 5c 30 22 3d 3d 3d 65 3f 22 5c 75 66 66 66 64 22 3a 65 2e 73 6c 69 63 65 28 30 2c 2d 31 29 2b 22 5c 5c 22 2b 65 2e 63 68 61 72 43 6f 64 65 41 74 28 65 2e 6c 65 6e 67 74 68 2d 31 29 2e 74 6f 53 74 72 69 6e 67 28 31 36 29 2b 22 20 22 3a 22 5c 5c 22 2b 65 7d 63 65 2e 65 73 63 61 70 65 53 65 6c 65 63 74 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 28 65 2b 22 22 29 2e 72 65 70 6c 61 63 65 28 66 2c 70 29 7d 3b 76 61 72 20 79 65 3d 43 2c 6d 65 3d 73 3b 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 62 2c 77 2c
                                                                                                                                                                                                                                        Data Ascii: r f=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\x80-\uFFFF\w-]/g;function p(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e}ce.escapeSelector=function(e){return(e+"").replace(f,p)};var ye=C,me=s;!function(){var e,b,w,
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 73 74 29 28 3f 3a 5c 5c 28 22 2b 67 65 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 67 65 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 4e 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 71 3d 2f 5e 68 5c 64 24 2f 69 2c 4c 3d 2f 5e 28 3f 3a 23 28 5b 5c 77 2d 5d 2b 29 7c 28 5c 77 2b 29 7c 5c 2e 28 5b 5c 77 2d 5d 2b 29 29 24 2f 2c 48 3d 2f 5b 2b 7e 5d 2f 2c 4f 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 67 65 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73
                                                                                                                                                                                                                                        Data Ascii: st)(?:\\("+ge+"*((?:-\\d)?\\d*)"+ge+"*\\)|)(?=[^-]|$)","i")},N=/^(?:input|select|textarea|button)$/i,q=/^h\d$/i,L=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,H=/[+~]/,O=new RegExp("\\\\[\\da-fA-F]{1,6}"+ge+"?|\\\\([^\\r\\n\\f])","g"),P=function(e,t){var n="0x"+e.s
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 6f 3d 28 6c 3d 59 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 51 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28 65 29 7b 68 28 74 2c 21 30 29 7d 66 69 6e 61 6c 6c 79 7b 73 3d 3d 3d 53 26 26 65 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 7d 7d 7d 72 65 74 75 72 6e 20 72 65 28 74 2e 72 65 70 6c 61 63 65 28 76 65 2c 22 24 31 22 29 2c 65 2c 6e 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 57 28 29 7b 76 61 72 20 72 3d 5b 5d 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                                        Data Ascii: o=(l=Y(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+Q(l[o]);c=l.join(",")}try{return k.apply(n,f.querySelectorAll(c)),n}catch(e){h(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return re(t.replace(ve,"$1"),e,n,r)}function W(){var r=[];return function
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 75 6e 6c 6f 61 64 22 2c 4d 29 2c 6c 65 2e 67 65 74 42 79 49 64 3d 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 69 64 3d 63 65 2e 65 78 70 61 6e 64 6f 2c 21 54 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 7c 7c 21 54 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 63 65 2e 65 78 70 61 6e 64 6f 29 2e 6c 65 6e 67 74 68 7d 29 2c 6c 65 2e 64 69 73 63 6f 6e 6e 65 63 74 65 64 4d 61 74 63 68 3d 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 69 2e 63 61 6c 6c 28 65 2c 22 2a 22 29 7d 29 2c 6c 65 2e 73 63 6f 70 65 3d 24 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 54 2e 71 75 65 72 79 53 65 6c 65 63
                                                                                                                                                                                                                                        Data Ascii: addEventListener("unload",M),le.getById=$(function(e){return r.appendChild(e).id=ce.expando,!T.getElementsByName||!T.getElementsByName(ce.expando).length}),le.disconnectedMatch=$(function(e){return i.call(e,"*")}),le.scope=$(function(){return T.querySelec
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 27 22 2b 53 2b 22 2d 5c 72 5c 5c 27 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 6c 65 64 27 3e 3c 6f 70 74 69 6f 6e 20 73 65 6c 65 63 74 65 64 3d 27 27 3e 3c 2f 6f 70 74 69 6f 6e 3e 3c 2f 73 65 6c 65 63 74 3e 22 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 73 65 6c 65 63 74 65 64 5d 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 5c 5c 5b 22 2b 67 65 2b 22 2a 28 3f 3a 76 61 6c 75 65 7c 22 2b 66 2b 22 29 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 69 64 7e 3d 22 2b 53 2b 22 2d 5d 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 7e 3d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 2e
                                                                                                                                                                                                                                        Data Ascii: '"+S+"-\r\\' disabled='disabled'><option selected=''></option></select>",e.querySelectorAll("[selected]").length||d.push("\\["+ge+"*(?:value|"+f+")"),e.querySelectorAll("[id~="+S+"-]").length||d.push("~="),e.querySelectorAll("a#"+S+"+*").length||d.push(".
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 28 74 2c 21 30 29 7d 72 65 74 75 72 6e 20 30 3c 49 28 74 2c 54 2c 6e 75 6c 6c 2c 5b 65 5d 29 2e 6c 65 6e 67 74 68 7d 2c 49 2e 63 6f 6e 74 61 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 21 3d 54 26 26 56 28 65 29 2c 63 65 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 74 29 7d 2c 49 2e 61 74 74 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 21 3d 54 26 26 56 28 65 29 3b 76 61 72 20 6e 3d 62 2e 61 74 74 72 48 61 6e 64 6c 65 5b 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 2c 72 3d 6e 26 26 75 65 2e 63 61 6c 6c 28 62 2e 61 74 74 72 48 61 6e 64 6c 65 2c 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 6e 28 65 2c 74 2c
                                                                                                                                                                                                                                        Data Ascii: (t,!0)}return 0<I(t,T,null,[e]).length},I.contains=function(e,t){return(e.ownerDocument||e)!=T&&V(e),ce.contains(e,t)},I.attr=function(e,t){(e.ownerDocument||e)!=T&&V(e);var n=b.attrHandle[t.toLowerCase()],r=n&&ue.call(b.attrHandle,t.toLowerCase())?n(e,t,


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        27192.168.2.449773104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC657OUTGET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC788INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 09 Aug 2023 13:02:38 GMT
                                                                                                                                                                                                                                        ETag: W/"4281e-3509-6027d181b0e38-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4797
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55ffZpSrpnWHORQrTW3rDiD0gP0eVWgawdCYu%2B6UufnRZorz6LwFo0VzXZA3o67z79C15jiVuLBw5NuDFq5VVC%2FH1nJaD29ZN%2Fj4i3iq%2Fs4SOolInXgpc9QvdAA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb702ae84343-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC581INData Raw: 33 35 30 39 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 4d 69 67 72 61 74 65 20 76 33 2e 34 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 26 26 28 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 3d 21 30 29 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 6a 71 75 65 72 79 22 5d 2c 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: 3509/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */"undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],functio
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 30 7d 28 73 2e 66 6e 2e 6a 71 75 65 72 79 2c 65 29 7d 73 2e 6d 69 67 72 61 74 65 56 65 72 73 69 6f 6e 3d 22 33 2e 34 2e 31 22 3b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 3b 73 2e 6d 69 67 72 61 74 65 44 69 73 61 62 6c 65 50 61 74 63 68 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 74 5b 61 72 67 75 6d 65 6e 74 73 5b 65 5d 5d 3d 21 30 7d 2c 73 2e 6d 69 67 72 61 74 65 45 6e 61 62 6c 65 50 61 74 63 68 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 64 65 6c 65 74 65 20 74 5b 61 72 67 75 6d 65 6e 74 73 5b 65 5d 5d 7d 2c 73 2e 6d
                                                                                                                                                                                                                                        Data Ascii: 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.m
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 65 52 65 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6f 3d 7b 7d 2c 73 2e 6d 69 67 72 61 74 65 57 61 72 6e 69 6e 67 73 2e 6c 65 6e 67 74 68 3d 30 7d 2c 22 42 61 63 6b 43 6f 6d 70 61 74 22 3d 3d 3d 6e 2e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6d 70 61 74 4d 6f 64 65 26 26 75 28 22 71 75 69 72 6b 73 22 2c 22 6a 51 75 65 72 79 20 69 73 20 6e 6f 74 20 63 6f 6d 70 61 74 69 62 6c 65 20 77 69 74 68 20 51 75 69 72 6b 73 20 4d 6f 64 65 22 29 3b 76 61 72 20 64 2c 6c 2c 70 2c 66 3d 7b 7d 2c 6d 3d 73 2e 66 6e 2e 69 6e 69 74 2c 79 3d 73 2e 66 69 6e 64 2c 68 3d 2f 5c 5b 28 5c 73 2a 5b 2d 5c 77 5d 2b 5c 73 2a 29 28 5b 7e 7c 5e 24 2a 5d 3f 3d 29 5c 73 2a 28 5b 2d 5c 77 23 5d 2a 3f 23 5b 2d 5c 77 23 5d 2a 29 5c 73 2a 5c 5d 2f 2c 67 3d 2f 5c 5b 28 5c 73 2a 5b 2d 5c 77 5d 2b 5c
                                                                                                                                                                                                                                        Data Ascii: eReset=function(){o={},s.migrateWarnings.length=0},"BackCompat"===n.document.compatMode&&u("quirks","jQuery is not compatible with Quirks Mode");var d,l,p,f={},m=s.fn.init,y=s.find,h=/\[(\s*[-\w]+\s*)([~|^$*]?=)\s*([-\w#]*?#[-\w#]*)\s*\]/,g=/\[(\s*[-\w]+\
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 64 65 70 72 65 63 61 74 65 64 3b 20 75 73 65 20 4a 53 4f 4e 2e 70 61 72 73 65 22 29 2c 63 28 73 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 73 2e 68 6f 6c 64 52 65 61 64 79 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 22 6a 51 75 65 72 79 2e 68 6f 6c 64 52 65 61 64 79 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 63 28 73 2c 22 75 6e 69 71 75 65 22 2c 73 2e 75 6e 69 71 75 65 53 6f 72 74 2c 22 75 6e 69 71 75 65 22 2c 22 6a 51 75 65 72 79 2e 75 6e 69 71 75 65 20 69 73 20 64 65 70 72 65 63 61 74 65 64 3b 20 75 73 65 20 6a 51 75 65 72 79 2e 75 6e 69 71 75 65 53 6f 72 74 22 29 2c 72 28 73 2e 65 78 70 72 2c 22 66 69 6c 74 65 72 73 22 2c 73 2e 65 78 70 72 2e 70 73 65 75 64 6f 73 2c 22 65 78 70 72 2d 70 72 65 2d 70 73 65 75 64 6f 73 22 2c 22 6a 51 75 65 72 79 2e 65 78
                                                                                                                                                                                                                                        Data Ascii: deprecated; use JSON.parse"),c(s,"holdReady",s.holdReady,"holdReady","jQuery.holdReady is deprecated"),c(s,"unique",s.uniqueSort,"unique","jQuery.unique is deprecated; use jQuery.uniqueSort"),r(s.expr,"filters",s.expr.pseudos,"expr-pre-pseudos","jQuery.ex
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 70 72 65 63 61 74 65 64 22 29 2c 63 28 73 2c 22 69 73 57 69 6e 64 6f 77 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 65 3d 3d 3d 65 2e 77 69 6e 64 6f 77 7d 2c 22 69 73 57 69 6e 64 6f 77 22 2c 22 6a 51 75 65 72 79 2e 69 73 57 69 6e 64 6f 77 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 29 2c 73 2e 61 6a 61 78 26 26 28 6c 3d 73 2e 61 6a 61 78 2c 70 3d 2f 28 3d 29 5c 3f 28 3f 3d 26 7c 24 29 7c 5c 3f 5c 3f 2f 2c 69 28 73 2c 22 61 6a 61 78 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 6c 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 65 2e 70 72 6f 6d 69 73 65 26 26 28 63 28 65 2c 22 73 75 63 63 65 73 73 22 2c 65 2e 64 6f 6e 65 2c 22 6a 71 58 48 52 2d 6d
                                                                                                                                                                                                                                        Data Ascii: precated"),c(s,"isWindow",function(e){return null!=e&&e===e.window},"isWindow","jQuery.isWindow() is deprecated")),s.ajax&&(l=s.ajax,p=/(=)\?(?=&|$)|\?\?/,i(s,"ajax",function(){var e=l.apply(this,arguments);return e.promise&&(c(e,"success",e.done,"jqXHR-m
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 29 7c 7c 22 22 3b 65 26 26 73 2e 64 61 74 61 28 74 68 69 73 2c 22 5f 5f 63 6c 61 73 73 4e 61 6d 65 5f 5f 22 2c 65 29 2c 74 68 69 73 2e 73 65 74 41 74 74 72 69 62 75 74 65 26 26 74 68 69 73 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 2c 21 65 26 26 21 31 21 3d 3d 74 26 26 73 2e 64 61 74 61 28 74 68 69 73 2c 22 5f 5f 63 6c 61 73 73 4e 61 6d 65 5f 5f 22 29 7c 7c 22 22 29 7d 29 29 7d 2c 22 74 6f 67 67 6c 65 43 6c 61 73 73 2d 62 6f 6f 6c 22 29 3b 76 61 72 20 51 2c 41 2c 52 3d 21 31 2c 43 3d 2f 5e 5b 61 2d 7a 5d 2f 2c 4e 3d 2f 5e 28 3f 3a 42 6f 72
                                                                                                                                                                                                                                        Data Ascii: each(function(){var e=this.getAttribute&&this.getAttribute("class")||"";e&&s.data(this,"__className__",e),this.setAttribute&&this.setAttribute("class",!e&&!1!==t&&s.data(this,"__className__")||"")}))},"toggleClass-bool");var Q,A,R=!1,C=/^[a-z]/,N=/^(?:Bor
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 64 22 29 2c 52 65 66 6c 65 63 74 2e 67 65 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 28 22 63 73 73 2d 6e 75 6d 62 65 72 22 2c 22 6a 51 75 65 72 79 2e 63 73 73 4e 75 6d 62 65 72 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 52 65 66 6c 65 63 74 2e 73 65 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 29 3a 73 2e 63 73 73 4e 75 6d 62 65 72 3d 41 29 3a 41 3d 73 2e 63 73 73 4e 75 6d 62 65 72 2c 51 3d 73 2e 66 6e 2e 63 73 73 2c 69 28 73 2e 66 6e 2c 22 63 73 73 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 72 2c 6e 2c 6f 3d 74 68 69 73 3b 72 65 74 75 72 6e 20 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66
                                                                                                                                                                                                                                        Data Ascii: d"),Reflect.get.apply(this,arguments)},set:function(){return u("css-number","jQuery.cssNumber is deprecated"),Reflect.set.apply(this,arguments)}}):s.cssNumber=A):A=s.cssNumber,Q=s.fn.css,i(s.fn,"css",function(e,t){var r,n,o=this;return e&&"object"==typeof
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 2c 50 3d 22 6a 51 75 65 72 79 2e 66 78 2e 69 6e 74 65 72 76 61 6c 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 2c 6e 2e 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 73 2e 66 78 2c 22 69 6e 74 65 72 76 61 6c 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 2e 64 6f 63 75 6d 65 6e 74 2e 68 69 64 64 65 6e 7c 7c 75 28 22 66 78 2d 69 6e 74 65 72 76 61 6c 22 2c 50 29 2c 73 2e 6d 69 67 72 61 74 65 49 73 50 61 74 63 68 45 6e 61 62 6c 65 64 28 22 66 78 2d 69 6e 74 65 72 76 61 6c 22 29 26 26 76 6f 69 64 20 30 3d 3d 3d 53 3f 31 33 3a 53 7d 2c 73 65 74 3a 66 75
                                                                                                                                                                                                                                        Data Ascii: ,P="jQuery.fx.interval is deprecated",n.requestAnimationFrame&&Object.defineProperty(s.fx,"interval",{configurable:!0,enumerable:!0,get:function(){return n.document.hidden||u("fx-interval",P),s.migrateIsPatchEnabled("fx-interval")&&void 0===S?13:S},set:fu
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 33 22 2c 22 6a 51 75 65 72 79 2e 66 6e 2e 22 2b 74 2b 22 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 65 2e 73 70 6c 69 63 65 28 30 2c 30 2c 74 29 2c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3f 74 68 69 73 2e 6f 6e 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 3a 28 74 68 69 73 2e 74 72 69 67 67 65 72 48 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 2c 74 68 69 73 29 29 7d 2c 22 73 68 6f 72 74 68 61 6e 64 2d 72 65 6d 6f 76 65 64 2d 76 33 22 29 7d 29 2c 73 2e 65 61 63 68 28 22 62 6c 75 72 20 66 6f 63 75 73 20 66 6f 63 75 73 69 6e 20 66 6f 63 75 73 6f 75 74 20 72 65 73 69 7a 65 20 73 63 72 6f 6c 6c 20 63 6c 69 63 6b 20 64 62 6c 63 6c 69 63 6b 20 6d 6f 75 73 65 64 6f 77 6e 20 6d 6f 75 73 65 75 70 20 6d 6f 75 73 65 6d 6f 76 65 20
                                                                                                                                                                                                                                        Data Ascii: 3","jQuery.fn."+t+"() is deprecated"),e.splice(0,0,t),arguments.length?this.on.apply(this,e):(this.triggerHandler.apply(this,e),this))},"shorthand-removed-v3")}),s.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 6c 65 6d 65 6e 74 61 74 69 6f 6e 2e 63 72 65 61 74 65 48 54 4d 4c 44 6f 63 75 6d 65 6e 74 28 22 22 29 3b 72 65 74 75 72 6e 20 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 3d 65 2c 74 2e 62 6f 64 79 26 26 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 7d 76 61 72 20 46 3d 2f 3c 28 3f 21 61 72 65 61 7c 62 72 7c 63 6f 6c 7c 65 6d 62 65 64 7c 68 72 7c 69 6d 67 7c 69 6e 70 75 74 7c 6c 69 6e 6b 7c 6d 65 74 61 7c 70 61 72 61 6d 29 28 28 5b 61 2d 7a 5d 5b 5e 5c 2f 5c 30 3e 5c 78 32 30 5c 74 5c 72 5c 6e 5c 66 5d 2a 29 5b 5e 3e 5d 2a 29 5c 2f 3e 2f 67 69 3b 73 2e 55 4e 53 41 46 45 5f 72 65 73 74 6f 72 65 4c 65 67 61 63 79 48 74 6d 6c 50 72 65 66 69 6c 74 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 6d 69 67 72 61 74 65 45 6e 61 62 6c 65 50 61 74 63 68 65 73
                                                                                                                                                                                                                                        Data Ascii: lementation.createHTMLDocument("");return t.body.innerHTML=e,t.body&&t.body.innerHTML}var F=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi;s.UNSAFE_restoreLegacyHtmlPrefilter=function(){s.migrateEnablePatches


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        28192.168.2.449771216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1263OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=4182 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        29192.168.2.449772142.251.16.1564437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC778OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&cid=1877982582.1714178120&gtm=45je44o0v890333677za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0 HTTP/1.1
                                                                                                                                                                                                                                        Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        30192.168.2.449776104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC675OUTGET /wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        ETag: W/"1020af-ade-615c1f675be6a-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CjvHHtGF5ozy9zlZmqY496jNek0FvB5FezoRH%2BV%2B6f1hvSDwHqFWdxVuT%2FmejcfcbUov43124n87IkwIDLAPSFVygpdWqtmT5P2jT5BEimEca5uHXun8bt5mpo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7389b1c34d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC590INData Raw: 61 64 65 0d 0a 2f 2f 20 54 4f 44 4f 3a 20 54 68 69 73 20 66 69 6c 65 20 63 61 6e 20 62 65 20 72 65 6d 6f 76 65 64 20 6f 6e 63 65 20 74 68 65 20 6d 69 6e 69 6d 75 6d 20 50 72 6f 20 41 50 49 20 76 65 72 73 69 6f 6e 20 69 73 20 34 2e 30 0a 45 61 73 79 43 6f 6f 6b 69 65 3d 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 45 50 4f 43 48 3d 27 54 68 75 2c 20 30 31 2d 4a 61 6e 2d 31 39 37 30 20 30 30 3a 30 30 3a 30 31 20 47 4d 54 27 2c 52 41 54 49 4f 3d 31 30 30 30 2a 36 30 2a 36 30 2a 32 34 2c 4b 45 59 53 3d 5b 27 65 78 70 69 72 65 73 27 2c 27 70 61 74 68 27 2c 27 64 6f 6d 61 69 6e 27 5d 2c 65 73 63 3d 65 73 63 61 70 65 2c 75 6e 3d 75 6e 65 73 63 61 70 65 2c 64 6f 63 3d 64 6f 63 75 6d 65 6e 74 2c 6d 65 3b 76 61 72 20 67 65 74 5f 6e 6f 77 3d 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: ade// TODO: This file can be removed once the minimum Pro API version is 4.0EasyCookie=(function(){var EPOCH='Thu, 01-Jan-1970 00:00:01 GMT',RATIO=1000*60*60*24,KEYS=['expires','path','domain'],esc=escape,un=unescape,doc=document,me;var get_now=functio
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 6f 69 6e 28 27 3b 20 27 29 3b 7d 0a 20 20 20 20 76 61 72 20 61 6c 69 76 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6b 3d 27 5f 5f 45 43 5f 54 45 53 54 5f 5f 27 2c 76 3d 6e 65 77 20 44 61 74 65 28 29 3b 76 3d 76 2e 74 6f 47 4d 54 53 74 72 69 6e 67 28 29 3b 74 68 69 73 2e 73 65 74 28 6b 2c 76 29 3b 74 68 69 73 2e 65 6e 61 62 6c 65 64 3d 28 74 68 69 73 2e 72 65 6d 6f 76 65 28 6b 29 3d 3d 76 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 6e 61 62 6c 65 64 3b 7d 0a 20 20 20 20 6d 65 3d 7b 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 6b 65 79 2c 76 61 6c 29 7b 76 61 72 20 6f 70 74 3d 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 29 3f 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3a 7b 7d 2c 6e 6f 77 3d 67 65 74 5f 6e 6f 77 28 29 2c 65 78 70 69 72 65 5f 61 74
                                                                                                                                                                                                                                        Data Ascii: oin('; ');} var alive=function(){var k='__EC_TEST__',v=new Date();v=v.toGMTString();this.set(k,v);this.enabled=(this.remove(k)==v);return this.enabled;} me={set:function(key,val){var opt=(arguments.length>2)?arguments[2]:{},now=get_now(),expire_at
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC830INData Raw: 5b 31 5d 29 5d 29 3b 7d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 72 3b 7d 2c 76 65 72 73 69 6f 6e 3a 27 30 2e 32 2e 31 27 2c 65 6e 61 62 6c 65 64 3a 66 61 6c 73 65 7d 3b 6d 65 2e 65 6e 61 62 6c 65 64 3d 61 6c 69 76 65 2e 63 61 6c 6c 28 6d 65 29 3b 72 65 74 75 72 6e 20 6d 65 3b 7d 28 29 29 3b 0a 0a 77 69 6e 64 6f 77 2e 4e 67 67 5f 53 74 6f 72 65 20 3d 20 7b 0a 0a 20 20 20 20 67 65 74 3a 20 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 7b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 45 61 73 79 43 6f 6f 6b 69 65 2e 67 65 74 28 6b 65 79 29 3b 0a 20 20 20 20 7d 2c 0a 0a 20 20 20 20 73 65 74 3a 20 66 75 6e 63 74 69 6f 6e 28 6b 65 79 2c 20 76 61 6c 75 65 29 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 76 61 6c 75 65 29 20 3d 3d 20 27 6f 62
                                                                                                                                                                                                                                        Data Ascii: [1])]);} return r;},version:'0.2.1',enabled:false};me.enabled=alive.call(me);return me;}());window.Ngg_Store = { get: function(key){ return EasyCookie.get(key); }, set: function(key, value){ if (typeof(value) == 'ob
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        31192.168.2.449777104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC671OUTGET /wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC848INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 341
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=660
                                                                                                                                                                                                                                        ETag: "1f8b20-294-5834637ba89bd-gzip"
                                                                                                                                                                                                                                        Last-Modified: Mon, 04 Mar 2019 15:14:49 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4796
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omLgDqBOMqZ48m3oq%2FRUyCYKcUNo8VG3BdpixgGoAHqQR6WZilgKGT7heXj3Zt70rAVjtnm42wJ%2Fip%2BkWyeKaDnj39UNSCz%2Bj%2FO9naGjrVyZQ222hAY%2F93vnYnY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb729e3f7271-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC341INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 2c 24 2c 75 6e 64 65 66 69 6e 65 64 29 7b 76 61 72 20 45 44 44 55 48 3d 7b 69 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 45 44 44 55 48 2e 74 72 61 63 6b 48 69 73 74 6f 72 79 28 29 3b 7d 2c 74 72 61 63 6b 48 69 73 74 6f 72 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 24 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 75 72 6c 3a 65 64 64 75 68 2e 61 6a 61 78 55 72 6c 2c 64 61 74 61 3a 7b 61 63 74 69 6f 6e 3a 27 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 27 2c 70 61 67 65 5f 75 72 6c 3a 65 64 64 75 68 2e 63 75 72 72 65 6e 74 55 72 6c 2c 72 65 66 65 72 72 65 72 3a 64 6f 63 75 6d 65 6e 74 2e 72 65 66 65 72 72 65 72 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: (function(window,document,$,undefined){var EDDUH={init:function(){EDDUH.trackHistory();},trackHistory:function(){$.ajax({type:"POST",url:edduh.ajaxUrl,data:{action:'edduh_track_history',page_url:edduh.currentUrl,referrer:document.referrer},success:functio


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        32192.168.2.449778104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC683OUTGET /wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC843INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:22 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 2726
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=3851
                                                                                                                                                                                                                                        ETag: "ff71e-f0b-615e2e3975a0c-gzip"
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:05 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3729
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BephTSVMuxbINjDf57wY%2FbMAu06CxPWKYOwcgAqDBSWmJ%2FOtvx8JPkDczDvYv64WnEXlzj2EpcmXfeOzu9BQWrG8U%2BHAI4sO1sE9RLpHaQYY0UmSPxC7EmhkOZk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb730c8d2365-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC526INData Raw: 76 61 72 20 65 64 64 5f 73 63 72 69 70 74 73 3b 6a 51 75 65 72 79 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 24 28 27 2e 65 64 64 5f 73 75 62 73 63 72 69 70 74 69 6f 6e 5f 63 61 6e 63 65 6c 27 29 2e 6f 6e 28 27 63 6c 69 63 6b 27 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 63 6f 6e 66 69 72 6d 28 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 76 61 72 73 2e 63 6f 6e 66 69 72 6d 5f 63 61 6e 63 65 6c 29 29 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 0a 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 7d 29 3b 24 28 27 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 27 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 66 6f 72 6d 3d 24 28 74 68 69 73 29 3b 69 66 28 66 6f 72 6d 2e
                                                                                                                                                                                                                                        Data Ascii: var edd_scripts;jQuery(document).ready(function($){$('.edd_subscription_cancel').on('click',function(e){if(confirm(edd_recurring_vars.confirm_cancel)){return true;}return false;});$('.edd_download_purchase_form').each(function(){var form=$(this);if(form.
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC1369INData Raw: 68 6f 77 28 29 3b 7d 65 6c 73 65 20 69 66 28 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 2d 63 70 2d 63 6f 6e 74 61 69 6e 65 72 27 29 2e 6c 65 6e 67 74 68 29 7b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 5f 63 70 5f 70 72 69 63 65 27 29 2e 6b 65 79 75 70 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 72 2d 74 65 72 6d 73 2d 6e 6f 74 69 63 65 2c 2e 65 64 64 72 2d 73 69 67 6e 75 70 2d 66 65 65 2d 6e 6f 74 69 63 65 27 29 2e 68 69 64 65 28 29 3b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 72 2d 63 75 73 74 6f 6d 2d 74 65 72 6d 73 2d 6e 6f 74 69 63 65 2c 2e 65 64 64 72 2d 63 75 73 74 6f 6d 2d 73 69 67 6e 75 70 2d 66 65 65 2d 6e 6f 74 69 63 65 27 29 2e 73 68 6f 77 28 29 3b 7d 29 3b 7d 7d 29 3b 24 28 27 23 65 64 64 5f 70 75
                                                                                                                                                                                                                                        Data Ascii: how();}else if(form.find('.edd-cp-container').length){form.find('.edd_cp_price').keyup(function(){form.find('.eddr-terms-notice,.eddr-signup-fee-notice').hide();form.find('.eddr-custom-terms-notice,.eddr-custom-signup-fee-notice').show();});}});$('#edd_pu
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC831INData Raw: 75 6e 74 3d 24 28 27 2e 27 2b 6b 65 79 29 3b 69 66 28 61 6d 6f 75 6e 74 2e 6c 65 6e 67 74 68 29 7b 61 6d 6f 75 6e 74 2e 74 65 78 74 28 64 61 74 61 2e 72 65 63 75 72 72 69 6e 67 5f 73 6c 5b 6b 65 79 5d 29 3b 7d 7d 7d 7d 7d 0a 24 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 27 65 64 64 5f 74 61 78 65 73 5f 72 65 63 61 6c 63 75 6c 61 74 65 64 27 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 72 65 73 70 6f 6e 73 65 29 7b 69 66 28 21 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 76 61 72 73 2e 68 61 73 5f 74 72 69 61 6c 29 7b 72 65 74 75 72 6e 3b 7d 0a 6c 65 74 20 73 65 6c 65 63 74 6f 72 3d 24 28 27 2e 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 74 72 69 61 6c 5f 74 6f 74 61 6c 5f 6e 6f 74 65 27 29 3b 69 66 28 73 65 6c 65 63 74 6f 72 26 26 24 28 27 2e 65 64 64 5f
                                                                                                                                                                                                                                        Data Ascii: unt=$('.'+key);if(amount.length){amount.text(data.recurring_sl[key]);}}}}}$(document.body).on('edd_taxes_recalculated',function(e,response){if(!edd_recurring_vars.has_trial){return;}let selector=$('.edd_recurring_trial_total_note');if(selector&&$('.edd_


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        33192.168.2.449780104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:22 UTC629OUTGET /js/anchor-offset.js?ver=2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC847INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:23 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 1179
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=2210
                                                                                                                                                                                                                                        ETag: "bec90-8a2-5d42253077a66-gzip"
                                                                                                                                                                                                                                        Last-Modified: Mon, 27 Dec 2021 15:26:10 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4798
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUzVBFINez%2FNrV66S26Qbt47%2BUpBfeiHBqgRyHVy%2Fpk8ikH7Zlc30guMApLVdsRYMaYXWbXbRib%2FLJC6DQMkVLNWsmuBk5Zuyo9qJB96w0Q2Jlu%2BtihBB8jk51Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb75c83b7c8d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC522INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 64 6f 63 75 6d 65 6e 74 2c 68 69 73 74 6f 72 79 2c 6c 6f 63 61 74 69 6f 6e 29 7b 76 61 72 20 48 49 53 54 4f 52 59 5f 53 55 50 50 4f 52 54 3d 21 21 28 68 69 73 74 6f 72 79 26 26 68 69 73 74 6f 72 79 2e 70 75 73 68 53 74 61 74 65 29 3b 76 61 72 20 61 6e 63 68 6f 72 53 63 72 6f 6c 6c 73 3d 7b 41 4e 43 48 4f 52 5f 52 45 47 45 58 3a 2f 5e 23 5b 5e 20 5d 2b 24 2f 2c 4f 46 46 53 45 54 5f 48 45 49 47 48 54 5f 50 58 3a 37 35 2c 69 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 73 63 72 6f 6c 6c 54 6f 43 75 72 72 65 6e 74 28 29 3b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 68 61 73 68 63 68 61 6e 67 65 27 2c 74 68 69 73 2e 73 63 72 6f 6c 6c 54 6f 43 75 72 72 65 6e 74 2e 62 69 6e 64 28 74 68
                                                                                                                                                                                                                                        Data Ascii: (function(document,history,location){var HISTORY_SUPPORT=!!(history&&history.pushState);var anchorScrolls={ANCHOR_REGEX:/^#[^ ]+$/,OFFSET_HEIGHT_PX:75,init:function(){this.scrollToCurrent();window.addEventListener('hashchange',this.scrollToCurrent.bind(th
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC657INData Raw: 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 68 72 65 66 2e 73 6c 69 63 65 28 31 29 29 3b 69 66 28 6d 61 74 63 68 29 7b 72 65 63 74 3d 6d 61 74 63 68 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 3b 61 6e 63 68 6f 72 4f 66 66 73 65 74 3d 77 69 6e 64 6f 77 2e 70 61 67 65 59 4f 66 66 73 65 74 2b 72 65 63 74 2e 74 6f 70 2d 74 68 69 73 2e 67 65 74 46 69 78 65 64 4f 66 66 73 65 74 28 29 3b 77 69 6e 64 6f 77 2e 73 63 72 6f 6c 6c 54 6f 28 77 69 6e 64 6f 77 2e 70 61 67 65 58 4f 66 66 73 65 74 2c 61 6e 63 68 6f 72 4f 66 66 73 65 74 29 3b 69 66 28 48 49 53 54 4f 52 59 5f 53 55 50 50 4f 52 54 26 26 70 75 73 68 54 6f 48 69 73 74 6f 72 79 29 7b 68 69 73 74 6f 72 79 2e 70 75 73 68 53 74 61 74 65 28 7b 7d 2c 64 6f 63 75 6d 65 6e
                                                                                                                                                                                                                                        Data Ascii: ment.getElementById(href.slice(1));if(match){rect=match.getBoundingClientRect();anchorOffset=window.pageYOffset+rect.top-this.getFixedOffset();window.scrollTo(window.pageXOffset,anchorOffset);if(HISTORY_SUPPORT&&pushToHistory){history.pushState({},documen


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        34192.168.2.449781104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC859OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC1256INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:23 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        Set-Cookie: edduh_hash=a4a455860629eb93928443611f075ce0; expires=Sat, 04-May-2024 00:35:23 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                                        Set-Cookie: edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; expires=Sat, 04-May-2024 00:35:23 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cs6Mhkmf7J3CEIRGLHIseJk8bz3%2FBQGSgb7SL5QaLwZJpRZAci64MdUHcgGaSuw7Xf16vcAN7NPjGT9LG5O0mZlWU9U0vmgXFDP5fPntZTn1%2FbErzM0zhdMAo%2BA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb767eb741e0-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC113INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoup
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC7INData Raw: 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: on=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        35192.168.2.449775104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC768OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178118 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC745INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:23 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fHaHlyqD6u5mIX0YO6%2FTPILpP3VexsJH%2F3jQ8%2FpeZOeBBzh0am9sAEe5%2FOFgVkm3CX8qU3V7iTmlBP6IciQsboJyqnoKPG1XS0YVcBAx8IbJ9zd1EPbZTv4sf8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb78a9d84240-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        36192.168.2.449779104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC795OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC780INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:23 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: W/"ff8c9-865f-615e2e3b4775d-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4654
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pz8%2F7Dqn5OXTsv1KcPnLswPDFDZrEbMuSaBmD%2F%2BQC%2BvDU2bUhAHQ0EQSNYUwmQ0zPDy3OptA02BmFksahYeWyqEH9blUsN%2B4joDO%2Fg%2BeG3tykXzYTZKXnhamSDw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7a68767c7b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC589INData Raw: 37 63 61 38 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 35 2e 31 31 2e 32 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 2e 66 61 2e 66 61 2d 67 6c 61 73 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 30 22 7d 2e 66 61 2e 66 61 2d 6d 65 65 74 75 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46
                                                                                                                                                                                                                                        Data Ascii: 7ca8/*! * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:'F
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 65 64 22 7d 2e 66 61 2e 66 61 2d 66 69 6c 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 66 69 6c 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 62 22 7d 2e 66 61 2e 66 61 2d 63 6c 6f 63 6b 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 6c 6f 63 6b 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 37 22 7d 2e 66 61 2e 66 61 2d 61 72 72 6f 77 2d 63 69 72 63 6c 65 2d 6f 2d 64 6f 77 6e 7b 66 6f 6e 74 2d 66 61 6d
                                                                                                                                                                                                                                        Data Ascii: content:"\f2ed"}.fa.fa-file-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-fam
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 68 61 72 65 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 34 64 22 7d 2e 66 61 2e 66 61 2d 63 68 65 63 6b 2d 73 71 75 61 72 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 68 65 63 6b 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 34 61 22 7d 2e 66 61 2e 66 61 2d 61 72 72 6f 77 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 62 32 22 7d 2e 66
                                                                                                                                                                                                                                        Data Ascii: e-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-share-square-o:before{content:"\f14d"}.fa.fa-check-square-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-check-square-o:before{content:"\f14a"}.fa.fa-arrows:before{content:"\f0b2"}.f
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 74 68 75 6d 62 73 2d 6f 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 35 22 7d 2e 66 61 2e 66 61 2d 68 65 61 72 74 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 65 61 72 74 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 34 22 7d 2e 66 61 2e 66 61 2d 73 69 67 6e 2d 6f 75 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 66 35 22 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 2d 73 71 75 61 72 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74
                                                                                                                                                                                                                                        Data Ascii: some 5 Free';font-weight:400}.fa.fa-thumbs-o-down:before{content:"\f165"}.fa.fa-heart-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-heart-o:before{content:"\f004"}.fa.fa-sign-out:before{content:"\f2f5"}.fa.fa-linkedin-square{font-family:'Font
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 61 2e 66 61 2d 68 64 64 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 30 22 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 72 69 67 68 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 34 22 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 6c 65 66 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61
                                                                                                                                                                                                                                        Data Ascii: a.fa-hdd-o:before{content:"\f0a0"}.fa.fa-hand-o-right{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hand-o-right:before{content:"\f0a4"}.fa.fa-hand-o-left{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hand-o-left:before{content:"\f0a
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 64 63 22 7d 2e 66 61 2e 66 61 2d 73 6f 72 74 2d 64 65 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 64 64 22 7d 2e 66 61 2e 66 61 2d 73 6f 72 74 2d 61 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 64 65 22 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 31 22 7d 2e 66 61 2e 66 61 2d 72 6f 74 61 74 65 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 32 22 7d 2e 66 61 2e 66 61 2d 6c 65 67
                                                                                                                                                                                                                                        Data Ascii: {content:"\f0dc"}.fa.fa-sort-desc:before{content:"\f0dd"}.fa.fa-sort-asc:before{content:"\f0de"}.fa.fa-linkedin{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-linkedin:before{content:"\f0e1"}.fa.fa-rotate-left:before{content:"\f0e2"}.fa.fa-leg
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 22 5c 66 31 61 64 22 7d 2e 66 61 2e 66 61 2d 68 6f 73 70 69 74 61 6c 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 6f 73 70 69 74 61 6c 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 38 22 7d 2e 66 61 2e 66 61 2d 74 61 62 6c 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 66 61 22 7d 2e 66 61 2e 66 61 2d 6d 6f 62 69 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 63 64 22 7d 2e 66 61 2e 66 61 2d 6d 6f 62 69 6c 65 2d 70 68 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 63 64 22 7d 2e 66 61 2e 66 61 2d 63 69 72 63 6c 65 2d 6f 7b 66 6f 6e 74 2d
                                                                                                                                                                                                                                        Data Ascii: "\f1ad"}.fa.fa-hospital-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hospital-o:before{content:"\f0f8"}.fa.fa-tablet:before{content:"\f3fa"}.fa.fa-mobile:before{content:"\f3cd"}.fa.fa-mobile-phone:before{content:"\f3cd"}.fa.fa-circle-o{font-
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 65 6d 70 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 39 22 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 66 75 6c 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 66 75 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 39 22 7d 2e 66 61 2e 66 61 2d 63 6f 64 65 2d 66 6f 72 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 32 36 22 7d 2e 66 61 2e 66 61 2d
                                                                                                                                                                                                                                        Data Ascii: family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-half-empty:before{content:"\f089"}.fa.fa-star-half-full{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-half-full:before{content:"\f089"}.fa.fa-code-fork:before{content:"\f126"}.fa.fa-
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 31 22 7d 2e 66 61 2e 66 61 2d 74 6f 67 67 6c 65 2d 75 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 74 6f 67 67 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 31 22 7d 2e 66 61 2e 66 61 2d 63 61 72 65 74 2d 73 71 75 61 72 65 2d 6f 2d 72 69 67 68 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 61 72 65 74 2d 73 71 75 61 72 65 2d 6f 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 32 22 7d 2e
                                                                                                                                                                                                                                        Data Ascii: e{content:"\f151"}.fa.fa-toggle-up{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-toggle-up:before{content:"\f151"}.fa.fa-caret-square-o-right{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-caret-square-o-right:before{content:"\f152"}.
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 6f 72 74 2d 6e 75 6d 65 72 69 63 2d 64 65 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 38 36 22 7d 2e 66 61 2e 66 61 2d 79 6f 75 74 75 62 65 2d 73 71 75 61 72 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 79 6f 75 74 75 62 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 78 69 6e 67 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 78 69 6e
                                                                                                                                                                                                                                        Data Ascii: ort-numeric-desc:before{content:"\f886"}.fa.fa-youtube-square{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-youtube{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-xing{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-xin


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        37192.168.2.449782104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC536OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC813INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6K2cFh8MxiEXYudobBV2I7FwSsJZx9FreUXArtvCP309ldX%2FrZmo3IR6Y92pCBbnKiJMMa8bgok%2FgYlV87P7ku3qHJkZ5wngij9DyjbPurUMYyDyAxQHMsAZuc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7b7d808cc3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        38192.168.2.449783104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:23 UTC835OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC774INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: W/"ff8c8-da71-615e2e3b4775d-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3500
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsRCF8fl2MXC5oJWXMRA%2FS8Mc2RtvlahUhTHnX2PNqEgKerEOcYVf9GDJtUvymGP%2FOYB9SrxOa5wXuvQgJIDMQ9XsvE%2Fix6flNB3h%2FZDfAKYFiIvneQo14sL82I%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7b8a10197c-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC595INData Raw: 37 63 61 65 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 35 2e 31 31 2e 32 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 2e 66 61 2c 2e 66 61 62 2c 2e 66 61 64 2c 2e 66 61 6c 2c 2e 66 61 72 2c 2e 66 61 73 7b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 3b 2d
                                                                                                                                                                                                                                        Data Ascii: 7cae/*! * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 69 7a 65 3a 35 65 6d 7d 2e 66 61 2d 36 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 36 65 6d 7d 2e 66 61 2d 37 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 37 65 6d 7d 2e 66 61 2d 38 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 65 6d 7d 2e 66 61 2d 39 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 65 6d 7d 2e 66 61 2d 31 30 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 65 6d 7d 2e 66 61 2d 66 77 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 77 69 64 74 68 3a 31 2e 32 35 65 6d 7d 2e 66 61 2d 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 2e 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 66 61 2d 75 6c 3e 6c 69 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 61 2d 6c 69 7b 6c 65 66 74 3a 2d
                                                                                                                                                                                                                                        Data Ascii: ize:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 7d 2e 66 61 2d 73 74 61 63 6b 2d 31 78 2c 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 66 61 2d 73 74 61 63 6b 2d 31 78 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 69 6e 76 65 72 73 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 66 61 2d 35 30 30 70 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 36 65 22 7d 2e 66 61 2d 61 63 63 65 73 73 69 62 6c 65 2d 69 63 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 36 38 22 7d 2e 66 61 2d 61 63 63 75 73 6f 66 74 3a 62 65
                                                                                                                                                                                                                                        Data Ascii: }.fa-stack-1x,.fa-stack-2x{left:0;position:absolute;text-align:center;width:100%}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-500px:before{content:"\f26e"}.fa-accessible-icon:before{content:"\f368"}.fa-accusoft:be
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 62 6c 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 31 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 75 62 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 32 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 37 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 34 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 35 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 36 22 7d 2e 66 61 2d 61 6e 67 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66
                                                                                                                                                                                                                                        Data Ascii: ble-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-down:before{content:"\f107"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angry:before{content:"\f
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 32 22 7d 2e 66 61 2d 61 73 74 65 72 69 73 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 36 39 22 7d 2e 66 61 2d 61 73 79 6d 6d 65 74 72 69 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 32 22 7d 2e 66 61 2d 61 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 66 61 22 7d 2e 66 61 2d 61 74 6c 61 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 38 22 7d 2e 66 61 2d 61 74 6c 61 73 73 69 61 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 37 62 22 7d 2e 66 61 2d 61 74 6f 6d 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 32 22 7d 2e 66 61 2d 61 75 64 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74
                                                                                                                                                                                                                                        Data Ascii: before{content:"\f2a2"}.fa-asterisk:before{content:"\f069"}.fa-asymmetrik:before{content:"\f372"}.fa-at:before{content:"\f1fa"}.fa-atlas:before{content:"\f558"}.fa-atlassian:before{content:"\f77b"}.fa-atom:before{content:"\f5d2"}.fa-audible:before{content
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 65 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 63 22 7d 2e 66 61 2d 62 65 68 61 6e 63 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 62 34 22 7d 2e 66 61 2d 62 65 68 61 6e 63 65 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 62 35 22 7d 2e 66 61 2d 62 65 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 33 22 7d 2e 66 61 2d 62 65 6c 6c 2d 73 6c 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 66 36 22 7d 2e 66 61 2d 62 65 7a 69 65 72 2d 63 75 72 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 62 22 7d 2e 66 61 2d 62 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 37 22 7d 2e 66 61 2d 62 69 63 79
                                                                                                                                                                                                                                        Data Ascii: eer:before{content:"\f0fc"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-bell:before{content:"\f0f3"}.fa-bell-slash:before{content:"\f1f6"}.fa-bezier-curve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicy
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 34 63 22 7d 2e 66 61 2d 62 6f 72 64 65 72 2d 6e 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 35 30 22 7d 2e 66 61 2d 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 35 33 22 7d 2e 66 61 2d 62 6f 77 6c 69 6e 67 2d 62 61 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 33 36 22 7d 2e 66 61 2d 62 6f 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 36 22 7d 2e 66 61 2d 62 6f 78 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 39 65 22 7d 2e 66 61 2d 62 6f 78 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 38 22 7d 2e 66 61 2d 62 72 61 69 6c 6c 65 3a
                                                                                                                                                                                                                                        Data Ascii: :before{content:"\f84c"}.fa-border-none:before{content:"\f850"}.fa-border-style:before{content:"\f853"}.fa-bowling-ball:before{content:"\f436"}.fa-box:before{content:"\f466"}.fa-box-open:before{content:"\f49e"}.fa-boxes:before{content:"\f468"}.fa-braille:
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 61 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 33 30 22 7d 2e 66 61 2d 63 61 6d 65 72 61 2d 72 65 74 72 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 33 22 7d 2e 66 61 2d 63 61 6d 70 67 72 6f 75 6e 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 62 62 22 7d 2e 66 61 2d 63 61 6e 61 64 69 61 6e 2d 6d 61 70 6c 65 2d 6c 65 61 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 35 22 7d 2e 66 61 2d 63 61 6e 64 79 2d 63 61 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 36 22 7d 2e 66 61 2d 63 61 6e 6e 61 62 69 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 66 22 7d 2e 66 61 2d 63 61 70 73 75 6c 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74
                                                                                                                                                                                                                                        Data Ascii: a-camera:before{content:"\f030"}.fa-camera-retro:before{content:"\f083"}.fa-campground:before{content:"\f6bb"}.fa-canadian-maple-leaf:before{content:"\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{cont
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 6e 74 3a 22 5c 66 33 38 30 22 7d 2e 66 61 2d 63 65 6e 74 6f 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 39 22 7d 2e 66 61 2d 63 65 72 74 69 66 69 63 61 74 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 33 22 7d 2e 66 61 2d 63 68 61 69 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 63 30 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 62 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 2d 74 65 61 63 68 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 63 22 7d 2e 66 61 2d 63 68 61 72 67 69 6e 67 2d 73 74 61 74 69 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 65 37 22 7d 2e 66 61 2d 63 68 61 72 74 2d
                                                                                                                                                                                                                                        Data Ascii: nt:"\f380"}.fa-centos:before{content:"\f789"}.fa-certificate:before{content:"\f0a3"}.fa-chair:before{content:"\f6c0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 64 22 7d 2e 66 61 2d 63 69 72 63 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 31 31 22 7d 2e 66 61 2d 63 69 72 63 6c 65 2d 6e 6f 74 63 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 63 65 22 7d 2e 66 61 2d 63 69 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 66 22 7d 2e 66 61 2d 63 6c 69 6e 69 63 2d 6d 65 64 69 63 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 66 32 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 32 38 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 2d 63 68 65 63 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 63 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 2d 6c 69 73 74 3a 62 65 66 6f 72
                                                                                                                                                                                                                                        Data Ascii: d"}.fa-circle:before{content:"\f111"}.fa-circle-notch:before{content:"\f1ce"}.fa-city:before{content:"\f64f"}.fa-clinic-medical:before{content:"\f7f2"}.fa-clipboard:before{content:"\f328"}.fa-clipboard-check:before{content:"\f46c"}.fa-clipboard-list:befor


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        39192.168.2.449784104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC885OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHiU%2FvZq7Fh2UCutiTzfffIHk2EtKGCt5jdaSG2CfNJslUfGQdYUffYXrfSVHQkpTr%2BK%2Bbt4L78oU1rZUBiEl4QA2Yk2LeLd83E7K4q6ZPHZuTcC5qA4i%2BLrYc4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7cdf4415a3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        40192.168.2.449786104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC817OUTGET /wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC790INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Mon, 18 Mar 2024 16:01:32 GMT
                                                                                                                                                                                                                                        ETag: W/"1073bf-6e9-613f178ad7b65-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4798
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiSeAzkerZpudcSYUOUNqtK7oQWpbEBTw3JmN1Wj0Djhu%2FLklXb1SpzakA9SVkHg4Y0fKe8%2BBmoEQ3pN5enCP%2BIBiVTO8C%2FtM285m7%2F4Of9b73UVN0zV98zThqc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb7e59da0c88-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC579INData Raw: 36 65 39 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 28 22 2e 74 6d 6c 22 29 2e 6f 6e 28 22 73 75 62 6d 69 74 22 2c 27 66 6f 72 6d 5b 64 61 74 61 2d 61 6a 61 78 3d 22 31 22 5d 27 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 65 3d 6e 28 74 68 69 73 29 2c 73 3d 65 2e 66 69 6e 64 28 22 3a 69 6e 70 75 74 22 29 2c 74 3d 65 2e 66 69 6e 64 28 22 3a 73 75 62 6d 69 74 22 29 2c 72 3d 6e 28 61 2e 64 65 6c 65 67 61 74 65 54 61 72 67 65 74 29 2e 66 69 6e 64 28 22 2e 74 6d 6c 2d 61 6c 65 72 74 73 22 29 3b 61 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 72 2e 65 6d 70 74 79 28 29 2c 73 2e 70 72 6f 70 28 22 72 65 61 64 6f 6e 6c 79 22 2c 21 30 29 2c 74 2e 70 72 6f 70 28 22 64 69 73 61 62 6c 65 64 22 2c 21 30 29 2c 6e 2e 61 6a 61 78 28 7b 64 61 74 61 3a
                                                                                                                                                                                                                                        Data Ascii: 6e9!function(n){n(".tml").on("submit",'form[data-ajax="1"]',function(a){var e=n(this),s=e.find(":input"),t=e.find(":submit"),r=n(a.delegateTarget).find(".tml-alerts");a.preventDefault(),r.empty(),s.prop("readonly",!0),t.prop("disabled",!0),n.ajax({data:
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1197INData Raw: 65 72 72 6f 72 73 29 2e 66 61 64 65 49 6e 28 29 7d 29 2e 66 61 69 6c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 65 2c 73 29 7b 61 2e 72 65 73 70 6f 6e 73 65 4a 53 4f 4e 2e 64 61 74 61 2e 65 72 72 6f 72 73 26 26 72 2e 68 69 64 65 28 29 2e 68 74 6d 6c 28 61 2e 72 65 73 70 6f 6e 73 65 4a 53 4f 4e 2e 64 61 74 61 2e 65 72 72 6f 72 73 29 2e 66 61 64 65 49 6e 28 29 7d 29 7d 29 7d 28 6a 51 75 65 72 79 29 2c 66 75 6e 63 74 69 6f 6e 28 73 29 7b 73 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 2c 65 3b 69 66 28 74 68 65 6d 65 4d 79 4c 6f 67 69 6e 2e 61 63 74 69 6f 6e 29 73 77 69 74 63 68 28 61 3d 73 28 22 23 75 73 65 72 5f 6c 6f 67 69 6e 22 29 2c 74 68 65 6d 65 4d 79 4c 6f 67 69 6e 2e 61 63 74 69 6f 6e 29 7b 63 61 73 65 22 61 63 74 69 76 61 74 65 22 3a 28 65 3d 73 28
                                                                                                                                                                                                                                        Data Ascii: errors).fadeIn()}).fail(function(a,e,s){a.responseJSON.data.errors&&r.hide().html(a.responseJSON.data.errors).fadeIn()})})}(jQuery),function(s){s(function(){var a,e;if(themeMyLogin.action)switch(a=s("#user_login"),themeMyLogin.action){case"activate":(e=s(
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        41192.168.2.449785104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC814OUTGET /wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC841INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 3792
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=8713
                                                                                                                                                                                                                                        ETag: "102075-2209-615c1f6758f8a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4797
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBC0uHtMMQkgdNEtbyqHGRvcKMv%2FJnmkrKAT90DmTczazis54kGQvoT1Q5K8PlhgGheJCpMDUY8p31H9xkDFvPPQ3pg728JXCoYcTVkKydcaEU1gMIkdGcmUqto%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb8009d5726b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC528INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 77 69 6e 64 6f 77 2e 4e 67 67 50 61 67 69 6e 61 74 65 64 47 61 6c 6c 65 72 79 3d 66 75 6e 63 74 69 6f 6e 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 2c 63 6f 6e 74 61 69 6e 65 72 29 7b 74 68 69 73 2e 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 3d 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 3b 74 68 69 73 2e 63 6f 6e 74 61 69 6e 65 72 3d 24 28 63 6f 6e 74 61 69 6e 65 72 29 3b 74 68 69 73 2e 63 6f 6e 74 61 69 6e 65 72 5f 6e 61 6d 65 3d 63 6f 6e 74 61 69 6e 65 72 3b 74 68 69 73 2e 67 65 74 5f 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 6f 62 6a 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 69 6e 64 65 78 3d 27 67 61 6c 6c 65 72 79 5f 27 2b 74 68 69 73 2e 64
                                                                                                                                                                                                                                        Data Ascii: (function($){window.NggPaginatedGallery=function(displayed_gallery_id,container){this.displayed_gallery_id=displayed_gallery_id;this.container=$(container);this.container_name=container;this.get_displayed_gallery_obj=function(){var index='gallery_'+this.d
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 29 2e 70 61 72 65 6e 74 73 28 63 6f 6e 74 61 69 6e 65 72 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 24 28 74 68 69 73 29 2e 64 61 74 61 28 27 6e 65 78 74 67 65 6e 2d 67 61 6c 6c 65 72 79 2d 69 64 27 29 21 3d 73 65 6c 66 2e 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 29 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 0a 73 6b 69 70 3d 66 61 6c 73 65 3b 7d 29 3b 69 66 28 21 73 6b 69 70 29 7b 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 7d 65 6c 73 65 7b 72 65 74 75 72 6e 3b 7d 0a 77 69 6e 64 6f 77 5b 27 6e 67 67 5f 61 6a 61 78 5f 6f 70 65 72 61 74 6f 6e 5f 63 6f 75 6e 74 27 5d 2b 2b 3b 24 28 27 62 6f 64 79 2c 20 61 27 29 2e 63 73 73 28 27 63 75 72 73 6f 72 27 2c 27 77 61 69 74 27 29 3b 24 2e 67 65 74 28
                                                                                                                                                                                                                                        Data Ascii: ).parents(container).each(function(){if($(this).data('nextgen-gallery-id')!=self.displayed_gallery_id){return true;}skip=false;});if(!skip){event.preventDefault();}else{return;}window['ngg_ajax_operaton_count']++;$('body, a').css('cursor','wait');$.get(
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC1369INData Raw: 69 66 28 74 79 70 65 6f 66 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 27 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 27 5d 29 21 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 69 66 28 70 61 72 73 65 49 6e 74 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 27 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 27 5d 29 29 7b 74 68 69 73 2e 65 6e 61 62 6c 65 5f 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 28 29 3b 7d 7d 7d 0a 69 66 28 74 79 70 65 6f 66 28 77 69 6e 64 6f 77 5b 27 6e 67 67 5f 61 6a 61 78 5f 6f 70 65 72 61 74 69 6f 6e 5f 63 6f 75 6e 74 27 5d 29 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 77 69 6e 64 6f 77 5b 27 6e 67 67 5f 61 6a
                                                                                                                                                                                                                                        Data Ascii: if(typeof(displayed_gallery.display_settings['ajax_pagination'])!='undefined'){if(parseInt(displayed_gallery.display_settings['ajax_pagination'])){this.enable_ajax_pagination();}}}if(typeof(window['ngg_ajax_operation_count'])=='undefined'){window['ngg_aj
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC526INData Raw: 61 6d 65 2c 64 65 66 29 7b 76 61 72 20 74 6d 70 3d 27 27 3b 76 61 72 20 67 61 6c 6c 65 72 79 3d 74 68 69 73 2e 67 65 74 5f 66 72 6f 6d 5f 69 64 28 67 61 6c 6c 65 72 79 5f 69 64 29 3b 69 66 28 67 61 6c 6c 65 72 79 26 26 74 79 70 65 6f 66 20 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 6e 61 6d 65 5d 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 74 6d 70 3d 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 6e 61 6d 65 5d 3b 7d 65 6c 73 65 7b 74 6d 70 3d 64 65 66 3b 7d 0a 69 66 28 74 6d 70 3d 3d 3d 31 29 74 6d 70 3d 74 72 75 65 3b 69 66 28 74 6d 70 3d 3d 3d 30 29 74 6d 70 3d 66 61 6c 73 65 3b 69 66 28 74 6d 70 3d 3d 3d 27 31 27 29 74 6d 70 3d 74 72 75 65 3b 69 66 28 74 6d 70 3d 3d 3d 27 30 27 29 74 6d
                                                                                                                                                                                                                                        Data Ascii: ame,def){var tmp='';var gallery=this.get_from_id(gallery_id);if(gallery&&typeof gallery.display_settings[name]!=='undefined'){tmp=gallery.display_settings[name];}else{tmp=def;}if(tmp===1)tmp=true;if(tmp===0)tmp=false;if(tmp==='1')tmp=true;if(tmp==='0')tm


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        42192.168.2.44978735.190.80.14437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC521OUTOPTIONS /report/v4?s=m6K2cFh8MxiEXYudobBV2I7FwSsJZx9FreUXArtvCP309ldX%2FrZmo3IR6Y92pCBbnKiJMMa8bgok%2FgYlV87P7ku3qHJkZ5wngij9DyjbPurUMYyDyAxQHMsAZuc%3D HTTP/1.1
                                                                                                                                                                                                                                        Host: a.nel.cloudflare.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Request-Method: POST
                                                                                                                                                                                                                                        Access-Control-Request-Headers: content-type
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC336INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        content-length: 0
                                                                                                                                                                                                                                        access-control-max-age: 86400
                                                                                                                                                                                                                                        access-control-allow-methods: OPTIONS, POST
                                                                                                                                                                                                                                        access-control-allow-origin: *
                                                                                                                                                                                                                                        access-control-allow-headers: content-type, content-length
                                                                                                                                                                                                                                        date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        43192.168.2.449789104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:24 UTC818OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:25 UTC836INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:24 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 774
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=971
                                                                                                                                                                                                                                        ETag: "1020d4-3cb-615c1f675ce0a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1778
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCqZIn5AAZLi6jTlat2ReilJRYDNQ4TpCT1Sk0uFZURLZg58bgNqf7ReHpZeO9NlFIWmUoz6qsyIjoERTwLe1gQTOWnPo36NRUp18aRWJ0eLd0Ge6NQVIVoUbuo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb80eb19185d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:25 UTC533INData Raw: 66 75 6e 63 74 69 6f 6e 20 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 66 69 6c 74 65 72 5f 73 65 6c 65 63 74 6f 72 28 24 2c 73 65 6c 65 63 74 6f 72 29 0a 7b 69 66 28 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 26 26 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 2e 63 6f 6e 74 65 78 74 29 7b 76 61 72 20 63 6f 6e 74 65 78 74 3d 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 2e 63 6f 6e 74 65 78 74 3b 69 66 28 63 6f 6e 74 65 78 74 3d 3d 27 61 6c 6c 5f 69 6d 61 67 65 73 27 29 7b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 61 64 64 28 24 28 27 61 20 3e 20 69 6d 67 27 29 2e 70 61 72 65 6e 74 28 29 29 3b 7d 0a 65 6c 73 65 20 69 66 28 63 6f 6e 74 65 78 74 3d
                                                                                                                                                                                                                                        Data Ascii: function nextgen_lightbox_filter_selector($,selector){if(nextgen_lightbox_settings&&nextgen_lightbox_settings.context){var context=nextgen_lightbox_settings.context;if(context=='all_images'){selector=selector.add($('a > img').parent());}else if(context=
                                                                                                                                                                                                                                        2024-04-27 00:35:25 UTC241INData Raw: 67 27 7c 7c 65 78 74 32 3d 3d 27 77 65 62 70 27 29 3b 7d 29 29 3b 7d 0a 65 6c 73 65 20 69 66 28 63 6f 6e 74 65 78 74 3d 3d 27 6e 65 78 74 67 65 6e 5f 61 6e 64 5f 77 70 5f 69 6d 61 67 65 73 27 29 7b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 61 64 64 28 24 28 27 61 20 3e 20 69 6d 67 5b 63 6c 61 73 73 2a 3d 22 77 70 2d 69 6d 61 67 65 2d 22 5d 27 29 2e 70 61 72 65 6e 74 28 29 29 3b 7d 0a 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 6e 6f 74 28 27 2e 67 61 6c 6c 65 72 79 5f 6c 69 6e 6b 27 29 3b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 6e 6f 74 28 27 2e 75 73 65 5f 69 6d 61 67 65 62 72 6f 77 73 65 72 5f 65 66 66 65 63 74 27 29 3b 7d 0a 72 65 74 75 72 6e 20 73 65 6c 65 63 74 6f 72 3b 7d
                                                                                                                                                                                                                                        Data Ascii: g'||ext2=='webp');}));}else if(context=='nextgen_and_wp_images'){selector=selector.add($('a > img[class*="wp-image-"]').parent());}selector=selector.not('.gallery_link');selector=selector.not('.use_imagebrowser_effect');}return selector;}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        44192.168.2.449790104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:26 UTC833OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC855INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:27 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 3199
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=6717
                                                                                                                                                                                                                                        ETag: "1020c8-1a3d-615c1f675be6a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4800
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FYnwTHuEe7iZlc8%2FPQdMkiq%2BionT6Yh%2BQ8C9RC%2B7FxtLytFvmXeGNSTV%2BIy%2FajEaxWi3ZQgC2qWmz%2FLaD3m10n1WqzooQ2pQvjJI2XwveALeOm75oRdcWHPM00%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb8ddd7e4343-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC514INData Raw: 65 76 61 6c 28 66 75 6e 63 74 69 6f 6e 28 70 2c 61 2c 63 2c 6b 2c 65 2c 72 29 7b 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 28 63 3c 61 3f 27 27 3a 65 28 70 61 72 73 65 49 6e 74 28 63 2f 61 29 29 29 2b 28 28 63 3d 63 25 61 29 3e 33 35 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 63 2b 32 39 29 3a 63 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 29 7d 3b 69 66 28 21 27 27 2e 72 65 70 6c 61 63 65 28 2f 5e 2f 2c 53 74 72 69 6e 67 29 29 7b 77 68 69 6c 65 28 63 2d 2d 29 72 5b 65 28 63 29 5d 3d 6b 5b 63 5d 7c 7c 65 28 63 29 3b 6b 3d 5b 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 72 5b 65 5d 7d 5d 3b 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 27 5c 5c 77 2b 27 7d 3b 63 3d 31 7d 3b 77 68 69 6c 65 28 63 2d 2d
                                                                                                                                                                                                                                        Data Ascii: eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC1369INData Raw: 36 2d 63 2f 32 2a 28 28 2d 2d 74 29 2a 28 74 2d 32 29 2d 31 29 2b 62 7d 2c 58 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 74 2b 62 7d 2c 55 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 28 74 3d 74 2f 64 2d 31 29 2a 74 2a 74 2b 31 29 2b 62 7d 2c 52 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 65 28 28 74 2f 3d 64 2f 32 29 3c 31 29 36 20 63 2f 32 2a 74 2a 74 2a 74 2b 62 3b 36 20 63 2f 32 2a 28 28 74 2d 3d 32 29 2a 74 2a 74 2b 32 29 2b 62 7d 2c 4e 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 74 2a 74 2b 62 7d 2c 4d 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 2d 63 2a 28 28 74 3d 74 2f 64 2d 31 29 2a 74 2a 74 2a 74 2d 31 29 2b 62 7d 2c 4c 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29
                                                                                                                                                                                                                                        Data Ascii: 6-c/2*((--t)*(t-2)-1)+b},X:9(x,t,b,c,d){6 c*(t/=d)*t*t+b},U:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t+1)+b},R:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t+b;6 c/2*((t-=2)*t*t+2)+b},N:9(x,t,b,c,d){6 c*(t/=d)*t*t*t+b},M:9(x,t,b,c,d){6-c*((t=t/d-1)*t*t*t-1)+b},L:9(x,t,b,c,d)
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC1316INData Raw: 21 70 29 70 3d 64 2a 28 2e 33 2a 31 2e 35 29 3b 65 28 61 3c 38 2e 77 28 63 29 29 7b 61 3d 63 3b 66 20 73 3d 70 2f 34 7d 6d 20 66 20 73 3d 70 2f 28 32 2a 38 2e 67 29 2a 38 2e 72 28 63 2f 61 29 3b 65 28 74 3c 31 29 36 2d 2e 35 2a 28 61 2a 38 2e 6a 28 32 2c 31 30 2a 28 74 2d 3d 31 29 29 2a 38 2e 6e 28 28 74 2a 64 2d 73 29 2a 28 32 2a 38 2e 67 29 2f 70 29 29 2b 62 3b 36 20 61 2a 38 2e 6a 28 32 2c 2d 31 30 2a 28 74 2d 3d 31 29 29 2a 38 2e 6e 28 28 74 2a 64 2d 73 29 2a 28 32 2a 38 2e 67 29 2f 70 29 2a 2e 35 2b 63 2b 62 7d 2c 46 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 2c 73 29 7b 65 28 73 3d 3d 75 29 73 3d 31 2e 6c 3b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 28 28 73 2b 31 29 2a 74 2d 73 29 2b 62 7d 2c 45 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 2c 73 29 7b 65 28 73 3d 3d
                                                                                                                                                                                                                                        Data Ascii: !p)p=d*(.3*1.5);e(a<8.w(c)){a=c;f s=p/4}m f s=p/(2*8.g)*8.r(c/a);e(t<1)6-.5*(a*8.j(2,10*(t-=1))*8.n((t*d-s)*(2*8.g)/p))+b;6 a*8.j(2,-10*(t-=1))*8.n((t*d-s)*(2*8.g)/p)*.5+c+b},F:9(x,t,b,c,d,s){e(s==u)s=1.l;6 c*(t/=d)*t*((s+1)*t-s)+b},E:9(x,t,b,c,d,s){e(s==


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        45192.168.2.44979135.190.80.14437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC468OUTPOST /report/v4?s=m6K2cFh8MxiEXYudobBV2I7FwSsJZx9FreUXArtvCP309ldX%2FrZmo3IR6Y92pCBbnKiJMMa8bgok%2FgYlV87P7ku3qHJkZ5wngij9DyjbPurUMYyDyAxQHMsAZuc%3D HTTP/1.1
                                                                                                                                                                                                                                        Host: a.nel.cloudflare.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 402
                                                                                                                                                                                                                                        Content-Type: application/reports+json
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC402OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 37 33 32 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 36 2e 35 2e 31 30 32 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d
                                                                                                                                                                                                                                        Data Ascii: [{"age":0,"body":{"elapsed_time":732,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.26.5.102","status_code":400,"type":"http.error"},"type":"network-error","url":"https://bitsum.com/wp-adm
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC168INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        content-length: 0
                                                                                                                                                                                                                                        date: Sat, 27 Apr 2024 00:35:27 GMT
                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        46192.168.2.449792104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:27 UTC773OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC832INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:28 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uvnxboyZ5E%2B%2BvFDeJeywDSeOq%2BGQGXbvdswB2r%2BJ%2FF9bMuJv2%2FP3FawidIKX77MyAqOEJKBFG%2BtZbMEx9%2BbFt0EgC5D19LKi1McyEifbnZ3b9LDgFySoJKgCFU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb94d96d7c88-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC537INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d
                                                                                                                                                                                                                                        Data Ascii: ,.navbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 6f 75 74 73 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74
                                                                                                                                                                                                                                        Data Ascii: outset #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_but
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC596INData Raw: 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d
                                                                                                                                                                                                                                        Data Ascii: background-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        47192.168.2.449793104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC904OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5ebWMaMiszQHgRfSUaEYuYRA%2F1PPq%2Faa6aglF2m0zWQsKKtAslmQTyGOayug99uuBTfxGeY0vrUf4XW0FGQoxWHhESD5WTNWWZzjKpW87%2FiT7S2BL6Cw%2FZlt9k%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb95db256a5e-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        48192.168.2.449795104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC813OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178124 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; _ga_ZV0D0J286B=GS1.1.1714178119.1.0.1714178119.60.0.0; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVwuhzlbhUDqBXWmZ9qKJ2IdMBi50txL4AwA8gWvXj6%2Fm1%2B6fx4huT%2FYzBzqhePNGorOV6s%2FeFmCTcCl0i8uxbBYcvJWfs1I%2BAZ9gC8j0YF5wN0WiI3bLibReBA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9679fb15cb-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        49192.168.2.449794216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178124162&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=4100 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        50192.168.2.449796192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC517OUTGET /e-202417.js HTTP/1.1
                                                                                                                                                                                                                                        Host: stats.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC432INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 7329
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        x-minify: t
                                                                                                                                                                                                                                        x-minify-cache: hit
                                                                                                                                                                                                                                        etag: W/14377-1704402356563.6672
                                                                                                                                                                                                                                        Expires: Tue, 22 Apr 2025 00:00:08 GMT
                                                                                                                                                                                                                                        Cache-Control: max-age=31536000
                                                                                                                                                                                                                                        Access-Control-Allow-Methods: GET, HEAD
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        X-nc: HIT jfk
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC937INData Raw: 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 3d 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 7c 7c 7b 7d 3b 77 69 6e 64 6f 77 2e 5f 73 74 71 3d 77 69 6e 64 6f 77 2e 5f 73 74 71 7c 7c 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 73 74 5f 67 6f 28 74 29 7b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 76 69 65 77 22 2c 74 5d 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 6c 69 6e 6b 74 72 61 63 6b 65 72 5f 69 6e 69 74 28 74 2c 65 29 7b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 63 6c 69 63 6b 54 72 61 63 6b 65 72 49 6e 69 74 22 2c 74 2c 65 5d 29 7d 3b 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 2e 73 74 61 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 6e 3b 76 61 72 20 6f 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c
                                                                                                                                                                                                                                        Data Ascii: window.wpcom=window.wpcom||{};window._stq=window._stq||[];function st_go(t){window._stq.push(["view",t])};function linktracker_init(t,e){window._stq.push(["clickTrackerInit",t,e])};window.wpcom.stats=function(){var t=function(){var t,n;var o=function(t,e,
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 65 29 72 65 74 75 72 6e 3b 77 68 69 6c 65 28 22 41 22 21 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 4e 61 6d 65 29 72 65 74 75 72 6e 3b 69 66 28 22 6f 62 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 72 65 74 75 72 6e 3b 65 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 7d 3b 69 66 28 66 28 65 29 29 72 65 74 75 72 6e 3b 69 66 28 22 6a 61 76 61 73 63 72 69 70 74 3a 22 3d 3d 3d 65 2e 70 72 6f 74 6f 63 6f 6c 29 72 65 74 75 72 6e 3b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 63 6c 69 63 6b 22 2c 7b 73 3a 22 32 22 2c 75 3a 65 2e 68 72 65 66 2c 72 3a 22 75 6e 64 65 66 69 6e 65 64 22 21
                                                                                                                                                                                                                                        Data Ascii: ject"!==typeof e)return;while("A"!==e.nodeName){if("undefined"===typeof e.nodeName)return;if("object"!==typeof e.parentNode)return;e=e.parentNode};if(f(e))return;if("javascript:"===e.protocol)return;window._stq.push(["click",{s:"2",u:e.href,r:"undefined"!
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 2e 65 66 66 65 63 74 69 76 65 54 79 70 65 7d 69 66 28 65 2e 72 74 74 29 7b 74 2e 63 6f 6e 6e 5f 72 74 74 3d 65 2e 72 74 74 7d 69 66 28 65 2e 64 6f 77 6e 6c 69 6e 6b 29 7b 74 2e 63 6f 6e 6e 5f 64 6f 77 6e 6c 69 6e 6b 3d 65 2e 64 6f 77 6e 6c 69 6e 6b 7d 7d 69 66 28 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 29 7b 76 61 72 20 6e 3d 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 3b 69 66 28 77 69 6e 64 6f 77 2e 50 65 72 66 6f 72 6d 61 6e 63 65 4e 61 76 69 67 61 74 69 6f 6e 54 69 6d 69 6e 67 29 7b 76 61 72 20 6f 3d 6e 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 28 22 6e 61 76 69 67 61 74 69 6f 6e 22 29 5b 30 5d 3b 69 66 28 6f 2e 6e 65 78 74 48 6f 70 50 72 6f 74 6f 63 6f 6c 29 7b 74 2e 70 72 6f 74 6f 63 6f 6c 3d 6f 2e 6e 65 78 74 48 6f
                                                                                                                                                                                                                                        Data Ascii: .effectiveType}if(e.rtt){t.conn_rtt=e.rtt}if(e.downlink){t.conn_downlink=e.downlink}}if(window.performance){var n=window.performance;if(window.PerformanceNavigationTiming){var o=n.getEntriesByType("navigation")[0];if(o.nextHopProtocol){t.protocol=o.nextHo
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 74 69 6f 6e 3b 66 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 63 73 73 22 3d 3d 3d 6a 29 7b 75 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 61 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 67 69 66 22 3d 3d 3d 6a 7c 7c 22 6a 70 67 22 3d 3d 3d 6a 7c 7c 22 6a 70 65 67 22 3d 3d 3d 6a 7c 7c 22 70 6e 67 22 3d 3d 3d 6a 29 7b 6c 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 64 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 77 6f 66 66 22 3d 3d 3d 6a 7c 7c 22 77 6f 66 66 32 22 3d 3d 3d 6a 7c 7c 22 74 74 66 22 3d 3d 3d 6a 7c 7c 22 6f 74 66 22 3d 3d 3d 6a 29 7b 6d 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 63 2b 3d 31 7d 65 6c 73 65 7b 77 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 73 2b 3d 31 7d 7d 65 6c 73 65 7b 77 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 73 2b 3d 31 7d 7d 74 2e 66 69 6c 65 73 5f 6f 72 69
                                                                                                                                                                                                                                        Data Ascii: tion;f+=1}else if("css"===j){u+=E.duration;a+=1}else if("gif"===j||"jpg"===j||"jpeg"===j||"png"===j){l+=E.duration;d+=1}else if("woff"===j||"woff2"===j||"ttf"===j||"otf"===j){m+=E.duration;c+=1}else{w+=E.duration;s+=1}}else{w+=E.duration;s+=1}}t.files_ori
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 5f 75 69 3d 66 28 29 3b 74 2e 5f 75 74 3d 22 61 6e 6f 6e 22 3b 74 2e 5f 65 6e 3d 22 6a 65 74 70 61 63 6b 5f 70 61 67 65 76 69 65 77 5f 74 69 6d 69 6e 67 22 3b 76 61 72 20 65 3d 6e 65 77 20 44 61 74 65 3b 74 2e 5f 74 73 3d 65 2e 67 65 74 54 69 6d 65 28 29 3b 74 2e 5f 74 7a 3d 65 2e 67 65 74 54 69 6d 65 7a 6f 6e 65 4f 66 66 73 65 74 28 29 2f 36 30 3b 76 61 72 20 6e 3d 77 69 6e 64 6f 77 2e 6e 61 76 69 67 61 74 6f 72 3b 76 61 72 20 6f 3d 77 69 6e 64 6f 77 2e 73 63 72 65 65 6e 3b 74 2e 5f 6c 67 3d 6e 2e 6c 61 6e 67 75 61 67 65 3b 74 2e 5f 70 66 3d 6e 2e 70 6c 61 74 66 6f 72 6d 3b 74 2e 5f 68 74 3d 6f 2e 68 65 69 67 68 74 3b 74 2e 5f 77 64 3d 6f 2e 77 69 64 74 68 3b 76 61 72 20 69 3d 77 69 6e 64 6f 77 2e 70 61 67 65 58 4f 66 66 73 65 74 21 3d 3d 75 6e 64 65 66
                                                                                                                                                                                                                                        Data Ascii: _ui=f();t._ut="anon";t._en="jetpack_pageview_timing";var e=new Date;t._ts=e.getTime();t._tz=e.getTimezoneOffset()/60;var n=window.navigator;var o=window.screen;t._lg=n.language;t._pf=n.platform;t._ht=o.height;t._wd=o.width;var i=window.pageXOffset!==undef
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC916INData Raw: 69 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6f 28 22 63 2e 67 69 66 22 2c 6e 28 74 29 2c 66 61 6c 73 65 29 7d 2c 63 6c 69 63 6b 54 72 61 63 6b 65 72 49 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 74 2e 69 6e 69 74 28 65 2c 6e 29 7d 2c 73 61 6d 70 6c 65 50 65 72 66 6f 72 6d 61 6e 63 65 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 69 66 28 21 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 29 7b 72 65 74 75 72 6e 7d 76 61 72 20 61 3d 7b 62 6c 6f 67 3a 74 2c 70 6f 73 74 3a 65 2c 62 6c 6f 67 5f 69 64 3a 74 2c 6a 65 74 70 61 63 6b 5f 76 65 72 73 69 6f 6e 3a 72 7d 3b 64 28 61 29 3b 69 28 61 29 3b 6f 28 22 74 2e 67 69 66 22 2c 6e 28 61 29 29 7d 7d 3b 76 61 72 20 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f
                                                                                                                                                                                                                                        Data Ascii: ick:function(t){o("c.gif",n(t),false)},clickTrackerInit:function(e,n){t.init(e,n)},samplePerformance:function(t,e,r){if(!window.performance){return}var a={blog:t,post:e,blog_id:t,jetpack_version:r};d(a);i(a);o("t.gif",n(a))}};var s=function(){return typeo


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        51192.168.2.449797104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC837OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 14132
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        ETag: "1020ce-3734-615c1f675ce0a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4800
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IA9ukk1J6nGDneru3BaaNrDicCmhfUo9rzMiDQOQOHA%2FcOjIXe9%2Fn00jH6FraKtvZ3e9G%2BDfSjjS7F60c37M4UePR877uCPLajvUsjzZDXWP3NdJrigRb5W%2BQzs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb96ea4380d6-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC549INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 63 29 7b 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 6c 2e 68 69 64 65 28 29 2c 6a 2e 6f 6e 65 72 72 6f 72 3d 6a 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 4f 26 26 4f 2e 61 62 6f 72 74 28 29 2c 73 2e 65 6d 70 74 79 28 29 7d 66 75 6e 63 74 69 6f 6e 20 68 28 29 7b 69 66 28 21 31 3d 3d 3d 6d 2e 6f 6e 45 72 72 6f 72 28 76 2c 78 2c 6d 29 29 72 65 74 75 72 6e 20 6c 2e 68 69 64 65 28 29 2c 46 3d 21 31 3b 6d 2e 74 69 74 6c 65 53 68 6f 77 3d 21 31 2c 6d 2e 77 69 64 74 68 3d 22 61 75 74 6f 22 2c 6d 2e 68 65 69 67 68 74 3d 22 61 75 74 6f 22 2c 73 2e 68 74 6d 6c 28 27 3c 70 20 69 64 3d 22 66 61 6e 63 79 62 6f 78 2d 65 72 72 6f 72 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 6e 74 65 6e 74 20 63 61 6e 6e 6f 74 20 62 65 20 6c 6f 61 64 65
                                                                                                                                                                                                                                        Data Ascii: !function(c){function r(){l.hide(),j.onerror=j.onload=null,O&&O.abort(),s.empty()}function h(){if(!1===m.onError(v,x,m))return l.hide(),F=!1;m.titleShow=!1,m.width="auto",m.height="auto",s.html('<p id="fancybox-error">The requested content cannot be loade
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 29 7c 7c 22 22 2c 64 2e 6e 6f 64 65 4e 61 6d 65 26 26 21 6d 2e 6f 72 69 67 26 26 28 6d 2e 6f 72 69 67 3d 63 28 64 29 2e 63 68 69 6c 64 72 65 6e 28 22 69 6d 67 3a 66 69 72 73 74 22 29 2e 6c 65 6e 67 74 68 3f 63 28 64 29 2e 63 68 69 6c 64 72 65 6e 28 22 69 6d 67 3a 66 69 72 73 74 22 29 3a 63 28 64 29 29 2c 22 22 3d 3d 3d 65 26 26 6d 2e 6f 72 69 67 26 26 6d 2e 74 69 74 6c 65 46 72 6f 6d 41 6c 74 26 26 28 65 3d 6d 2e 6f 72 69 67 2e 61 74 74 72 28 22 61 6c 74 22 29 29 2c 6e 3d 6d 2e 68 72 65 66 7c 7c 28 64 2e 6e 6f 64 65 4e 61 6d 65 3f 63 28 64 29 2e 61 74 74 72 28 22 68 72 65 66 22 29 3a 64 2e 68 72 65 66 29 7c 7c 6e 75 6c 6c 2c 21 2f 5e 28 3f 3a 6a 61 76 61 73 63 72 69 70 74 29 2f 69 2e 74 65 73 74 28 6e 29 26 26 22 23 22 21 3d 6e 7c 7c 28 6e 3d 6e 75 6c 6c
                                                                                                                                                                                                                                        Data Ascii: )||"",d.nodeName&&!m.orig&&(m.orig=c(d).children("img:first").length?c(d).children("img:first"):c(d)),""===e&&m.orig&&m.titleFromAlt&&(e=m.orig.attr("alt")),n=m.href||(d.nodeName?c(d).attr("href"):d.href)||null,!/^(?:javascript)/i.test(n)&&"#"!=n||(n=null
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 41 63 74 69 76 69 74 79 28 29 2c 28 6a 3d 6e 65 77 20 49 6d 61 67 65 29 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 68 28 29 7d 2c 6a 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 46 3d 21 30 2c 6a 2e 6f 6e 65 72 72 6f 72 3d 6a 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 42 28 29 7d 2c 6a 2e 73 72 63 3d 6e 3b 62 72 65 61 6b 3b 63 61 73 65 22 73 77 66 22 3a 6d 2e 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 2c 69 3d 27 3c 6f 62 6a 65 63 74 20 63 6c 61 73 73 69 64 3d 22 63 6c 73 69 64 3a 44 32 37 43 44 42 36 45 2d 41 45 36 44 2d 31 31 63 66 2d 39 36 42 38 2d 34 34 34 35 35 33 35 34 30 30 30 30 22 20 77 69 64 74 68 3d 22 27 2b 6d 2e 77 69 64 74 68 2b 27 22 20 68 65 69 67 68 74 3d 22 27 2b 6d 2e 68 65 69 67 68 74 2b 27 22 3e 3c 70 61 72 61
                                                                                                                                                                                                                                        Data Ascii: Activity(),(j=new Image).onerror=function(){h()},j.onload=function(){F=!0,j.onerror=j.onload=null,B()},j.src=n;break;case"swf":m.scrolling="no",i='<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="'+m.width+'" height="'+m.height+'"><para
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 65 6e 64 28 63 28 22 3c 64 69 76 2f 3e 22 29 5b 30 5d 2c 7b 70 72 6f 70 3a 30 7d 29 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 6d 2e 77 69 64 74 68 2c 65 3d 6d 2e 68 65 69 67 68 74 2c 74 3d 2d 31 3c 74 2e 74 6f 53 74 72 69 6e 67 28 29 2e 69 6e 64 65 78 4f 66 28 22 25 22 29 3f 70 61 72 73 65 49 6e 74 28 28 63 28 77 69 6e 64 6f 77 29 2e 77 69 64 74 68 28 29 2d 32 2a 6d 2e 6d 61 72 67 69 6e 29 2a 70 61 72 73 65 46 6c 6f 61 74 28 74 29 2f 31 30 30 2c 31 30 29 2b 22 70 78 22 3a 22 61 75 74 6f 22 3d 3d 74 3f 22 61 75 74 6f 22 3a 74 2b 22 70 78 22 2c 65 3d 2d 31 3c 65 2e 74 6f 53 74 72 69 6e 67 28 29 2e 69 6e 64 65 78 4f 66 28 22 25 22 29 3f 70 61 72 73 65 49 6e 74 28 28 63 28 77 69 6e 64 6f 77 29 2e 68 65 69 67 68 74 28 29 2d 32 2a 6d 2e 6d 61
                                                                                                                                                                                                                                        Data Ascii: end(c("<div/>")[0],{prop:0}),P=function(){var t=m.width,e=m.height,t=-1<t.toString().indexOf("%")?parseInt((c(window).width()-2*m.margin)*parseFloat(t)/100,10)+"px":"auto"==t?"auto":t+"px",e=-1<e.toString().indexOf("%")?parseInt((c(window).height()-2*m.ma
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 6e 74 65 6e 74 73 28 29 29 2e 66 61 64 65 54 6f 28 43 2e 63 68 61 6e 67 65 46 61 64 65 2c 31 2c 7a 29 7d 63 2e 65 76 65 6e 74 2e 74 72 69 67 67 65 72 28 22 66 61 6e 63 79 62 6f 78 2d 63 68 61 6e 67 65 22 29 2c 66 2e 65 6d 70 74 79 28 29 2e 72 65 6d 6f 76 65 41 74 74 72 28 22 66 69 6c 74 65 72 22 29 2e 63 73 73 28 7b 22 62 6f 72 64 65 72 2d 77 69 64 74 68 22 3a 43 2e 70 61 64 64 69 6e 67 2c 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 68 65 69 67 68 74 3a 6d 2e 61 75 74 6f 44 69 6d 65 6e 73 69 6f 6e 73 3f 22 61 75 74 6f 22 3a 77 2e 68 65 69 67 68 74 2d 41 2d 32 2a 43 2e 70 61 64 64 69 6e 67 7d 29 2c 65 3f 74 28 29 3a 28 4e 2e 70 72 6f 70 3d 30 2c 63 28 4e 29 2e 61 6e 69 6d 61 74 65 28 7b 70 72 6f 70 3a 31 7d 2c 7b 64 75 72
                                                                                                                                                                                                                                        Data Ascii: ntents()).fadeTo(C.changeFade,1,z)}c.event.trigger("fancybox-change"),f.empty().removeAttr("filter").css({"border-width":C.padding,width:w.width-2*C.padding,height:m.autoDimensions?"auto":w.height-A-2*C.padding}),e?t():(N.prop=0,c(N).animate({prop:1},{dur
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 6e 29 7b 63 61 73 65 22 69 6e 73 69 64 65 22 3a 70 2e 63 73 73 28 7b 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 6d 61 72 67 69 6e 4c 65 66 74 3a 43 2e 70 61 64 64 69 6e 67 2c 6d 61 72 67 69 6e 52 69 67 68 74 3a 43 2e 70 61 64 64 69 6e 67 7d 29 2c 41 3d 70 2e 6f 75 74 65 72 48 65 69 67 68 74 28 21 30 29 2c 70 2e 61 70 70 65 6e 64 54 6f 28 65 29 2c 77 2e 68 65 69 67 68 74 2b 3d 41 3b 62 72 65 61 6b 3b 63 61 73 65 22 6f 76 65 72 22 3a 70 2e 63 73 73 28 7b 6d 61 72 67 69 6e 4c 65 66 74 3a 43 2e 70 61 64 64 69 6e 67 2c 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 62 6f 74 74 6f 6d 3a 43 2e 70 61 64 64 69 6e 67 7d 29 2e 61 70 70 65 6e 64 54 6f 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 66 6c
                                                                                                                                                                                                                                        Data Ascii: n){case"inside":p.css({width:w.width-2*C.padding,marginLeft:C.padding,marginRight:C.padding}),A=p.outerHeight(!0),p.appendTo(e),w.height+=A;break;case"over":p.css({marginLeft:C.padding,width:w.width-2*C.padding,bottom:C.padding}).appendTo(e);break;case"fl
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 72 4f 6e 53 63 72 6f 6c 6c 26 26 63 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 73 63 72 6f 6c 6c 2e 66 62 22 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 29 2c 22 69 66 72 61 6d 65 22 3d 3d 43 2e 74 79 70 65 26 26 63 28 27 3c 69 66 72 61 6d 65 20 69 64 3d 22 66 61 6e 63 79 62 6f 78 2d 66 72 61 6d 65 22 20 6e 61 6d 65 3d 22 66 61 6e 63 79 62 6f 78 2d 66 72 61 6d 65 27 2b 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 28 29 2b 27 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 68 73 70 61 63 65 3d 22 30 22 20 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 27 2b 6d 2e 73 63 72 6f 6c 6c 69 6e 67 2b 27 22 20 73 72 63 3d 22 27 2b 43 2e 68 72 65 66 2b 27 22 3e 3c 2f 69 66 72 61 6d 65 3e 27 29 2e 61 70 70 65 6e 64 54 6f 28 66 29 2c 6e 2e 73 68 6f 77 28 29
                                                                                                                                                                                                                                        Data Ascii: rOnScroll&&c(window).on("scroll.fb",c.fancybox.center),"iframe"==C.type&&c('<iframe id="fancybox-frame" name="fancybox-frame'+(new Date).getTime()+'" frameborder="0" hspace="0" scrolling="'+m.scrolling+'" src="'+C.href+'"></iframe>').appendTo(f),n.show()
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 78 28 65 5b 33 5d 2d 32 30 2c 65 5b 33 5d 2b 2e 35 2a 28 65 5b 31 5d 2d 69 2e 68 65 69 67 68 74 2d 34 30 29 29 2c 31 30 29 2c 69 2e 6c 65 66 74 3d 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28 65 5b 32 5d 2d 32 30 2c 65 5b 32 5d 2b 2e 35 2a 28 65 5b 30 5d 2d 69 2e 77 69 64 74 68 2d 34 30 29 29 2c 31 30 29 2c 69 7d 2c 52 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 2c 69 2c 6e 3d 21 21 6d 2e 6f 72 69 67 26 26 63 28 6d 2e 6f 72 69 67 29 3b 72 65 74 75 72 6e 20 6e 26 26 6e 2e 6c 65 6e 67 74 68 3f 28 28 69 3d 28 65 3d 6e 29 2e 6f 66 66 73 65 74 28 29 29 2e 74 6f 70 2b 3d 70 61 72 73 65 49 6e 74 28 65 2e 63 73 73 28 22 70 61 64 64 69 6e 67 54 6f 70 22 29 2c 31 30 29 7c 7c 30 2c 69 2e 6c 65 66 74 2b 3d 70 61 72 73 65 49 6e 74 28 65 2e 63 73
                                                                                                                                                                                                                                        Data Ascii: x(e[3]-20,e[3]+.5*(e[1]-i.height-40)),10),i.left=parseInt(Math.max(e[2]-20,e[2]+.5*(e[0]-i.width-40)),10),i},R=function(){var t,e,i,n=!!m.orig&&c(m.orig);return n&&n.length?((i=(e=n).offset()).top+=parseInt(e.css("paddingTop"),10)||0,i.left+=parseInt(e.cs
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 2e 64 61 74 61 28 22 66 61 6e 63 79 62 6f 78 22 2c 63 2e 65 78 74 65 6e 64 28 7b 63 6f 6e 74 65 6e 74 3a 74 7d 2c 65 29 29 2c 76 2e 70 75 73 68 28 74 29 3b 28 78 3e 76 2e 6c 65 6e 67 74 68 7c 7c 78 3c 30 29 26 26 28 78 3d 30 29 2c 61 28 29 7d 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 73 68 6f 77 41 63 74 69 76 69 74 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 62 29 2c 6c 2e 73 68 6f 77 28 29 2c 62 3d 73 65 74 49 6e 74 65 72 76 61 6c 28 74 2c 36 36 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 68 69 64 65 41 63 74 69 76 69 74 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 2e 68 69 64 65 28 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 63 2e 66 61 6e 63 79 62 6f 78 2e
                                                                                                                                                                                                                                        Data Ascii: .data("fancybox",c.extend({content:t},e)),v.push(t);(x>v.length||x<0)&&(x=0),a()}},c.fancybox.showActivity=function(){clearInterval(b),l.show(),b=setInterval(t,66)},c.fancybox.hideActivity=function(){l.hide()},c.fancybox.next=function(){return c.fancybox.
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 68 65 69 67 68 74 28 29 29 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 28 21 30 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3b 46 7c 7c 28 65 3d 21 30 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 3f 31 3a 30 2c 74 3d 6f 28 29 2c 21 65 26 26 28 6e 2e 77 69 64 74 68 28 29 3e 74 5b 30 5d 7c 7c 6e 2e 68 65 69 67 68 74 28 29 3e 74 5b 31 5d 29 7c 7c 6e 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 74 6f 70 3a 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28 74 5b 33 5d 2d 32 30 2c 74 5b 33 5d 2b 2e 35 2a 28 74 5b 31 5d 2d 66 2e 68 65 69 67 68 74 28 29 2d 34 30 29 2d 43 2e 70 61 64 64 69 6e 67 29 29 2c 6c 65 66 74 3a 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28
                                                                                                                                                                                                                                        Data Ascii: height()),c.fancybox.center(!0)},c.fancybox.center=function(){var t,e;F||(e=!0===arguments[0]?1:0,t=o(),!e&&(n.width()>t[0]||n.height()>t[1])||n.stop().animate({top:parseInt(Math.max(t[3]-20,t[3]+.5*(t[1]-f.height()-40)-C.padding)),left:parseInt(Math.max(


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        52192.168.2.449799104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC815OUTGET /wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.11 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC790INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sat, 30 Mar 2024 10:21:06 GMT
                                                                                                                                                                                                                                        ETag: W/"101209-30af-614de1d4422d8-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKE1g9wDgFBeM%2F6%2FLpWPDon6%2B4WJupHLFI8%2FqR9%2FNQ29Opr6Adj1hwLs3YqpC39pGIgdHsxtK9bHhKYR8WKw2h87u1QA%2Bwm3pTj%2B5GwoIa%2FdS7oPCAGkTS5FOI0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb96ffea7c7b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC579INData Raw: 33 30 61 66 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 64 28 61 29 7b 69 66 28 74 5b 61 5d 29 72 65 74 75 72 6e 20 74 5b 61 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 72 3d 74 5b 61 5d 3d 7b 69 3a 61 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 61 5d 2e 63 61 6c 6c 28 72 2e 65 78 70 6f 72 74 73 2c 72 2c 72 2e 65 78 70 6f 72 74 73 2c 64 29 2c 72 2e 6c 3d 21 30 2c 72 2e 65 78 70 6f 72 74 73 7d 64 2e 6d 3d 65 2c 64 2e 63 3d 74 2c 64 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 61 29 7b 64 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 61 7d 29 7d 2c 64
                                                                                                                                                                                                                                        Data Ascii: 30af!function(e){var t={};function d(a){if(t[a])return t[a].exports;var r=t[a]={i:a,l:!1,exports:{}};return e[a].call(r.exports,r,r.exports,d),r.l=!0,r.exports}d.m=e,d.c=t,d.d=function(e,t,a){d.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:a})},d
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 50 72 6f 70 65 72 74 79 28 61 2c 22 64 65 66 61 75 6c 74 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 2c 32 26 74 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 66 6f 72 28 76 61 72 20 72 20 69 6e 20 65 29 64 2e 64 28 61 2c 72 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 7d 2e 62 69 6e 64 28 6e 75 6c 6c 2c 72 29 29 3b 72 65 74 75 72 6e 20 61 7d 2c 64 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 64 2e 64 28 74 2c 22 61 22 2c 74 29 2c 74 7d 2c 64 2e
                                                                                                                                                                                                                                        Data Ascii: Property(a,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)d.d(a,r,function(t){return e[t]}.bind(null,r));return a},d.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return d.d(t,"a",t),t},d.
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 22 2c 75 72 6c 3a 65 64 64 5f 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 2e 72 65 6d 6f 76 65 64 29 7b 69 66 28 70 61 72 73 65 49 6e 74 28 65 64 64 5f 73 63 72 69 70 74 73 2e 70 6f 73 69 74 69 6f 6e 5f 69 6e 5f 63 61 72 74 2c 31 30 29 3d 3d 3d 70 61 72 73 65 49 6e 74 28 61 2c 31 30 29 7c 7c 65 64 64 5f 73 63 72 69 70 74 73 2e 68 61 73 5f 70 75 72 63 68 61 73 65 5f 6c 69 6e 6b 73 29 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2c 21 31 3b 65 28 22 2e 65 64 64 2d 63 61 72 74 22 29 2e 65 61 63 68 28 28 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: ",url:edd_scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){if(t.removed){if(parseInt(edd_scripts.position_in_cart,10)===parseInt(a,10)||edd_scripts.has_purchase_links)return window.location=window.location,!1;e(".edd-cart").each((functio
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 73 63 72 69 70 74 73 2e 65 6d 70 74 79 5f 63 61 72 74 5f 6d 65 73 73 61 67 65 2b 22 3c 2f 6c 69 3e 22 29 7d 29 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 74 72 69 67 67 65 72 28 22 65 64 64 5f 63 61 72 74 5f 69 74 65 6d 5f 72 65 6d 6f 76 65 64 22 2c 5b 74 5d 29 7d 7d 7d 29 2e 66 61 69 6c 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 26 26 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 29 7d 29 29 2e 64 6f 6e 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 7d 29 29 2c 21 31 7d 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 65 64 64 41 64 64 54 6f 43 61 72 74 22 2c 22 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72
                                                                                                                                                                                                                                        Data Ascii: scripts.empty_cart_message+"</li>")}))),e(document.body).trigger("edd_cart_item_removed",[t])}}}).fail((function(e){window.console&&window.console.log&&console.log(e)})).done((function(e){})),!1})),e(document.body).on("click.eddAddToCart",".edd-add-to-car
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 74 73 2e 63 75 72 72 65 6e 74 5f 70 61 67 65 2c 74 69 6d 65 73 74 61 6d 70 3a 64 2e 64 61 74 61 28 22 74 69 6d 65 73 74 61 6d 70 22 29 2c 74 6f 6b 65 6e 3a 64 2e 64 61 74 61 28 22 74 6f 6b 65 6e 22 29 7d 3b 72 65 74 75 72 6e 20 65 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 64 61 74 61 3a 6c 2c 64 61 74 61 54 79 70 65 3a 22 6a 73 6f 6e 22 2c 75 72 6c 3a 65 64 64 5f 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 63 3d 22 31 22 3d 3d 3d 65 64 64 5f 73 63 72 69 70 74 73 2e 72 65 64 69 72 65 63 74 5f 74 6f 5f 63 68 65 63 6b 6f 75 74 2c 73 3d 22 31 22 3d 3d 3d 61 2e 66 69 6e 64 28 22
                                                                                                                                                                                                                                        Data Ascii: ts.current_page,timestamp:d.data("timestamp"),token:d.data("token")};return e.ajax({type:"POST",data:l,dataType:"json",url:edd_scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){var c="1"===edd_scripts.redirect_to_checkout,s="1"===a.find("
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 65 28 29 2c 65 28 22 2e 65 64 64 5f 67 6f 5f 74 6f 5f 63 68 65 63 6b 6f 75 74 22 2c 72 29 2e 73 68 6f 77 28 29 29 2c 22 6d 75 6c 74 69 22 3d 3d 3d 69 26 26 64 2e 72 65 6d 6f 76 65 41 74 74 72 28 22 64 61 74 61 2d 65 64 64 2d 6c 6f 61 64 69 6e 67 22 29 2c 65 28 22 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 22 29 2e 6c 65 6e 67 74 68 26 26 28 22 6e 6f 22 3d 3d 3d 6f 7c 7c 21 61 2e 66 69 6e 64 28 22 2e 65 64 64 5f 70 72 69 63 65 5f 6f 70 74 69 6f 6e 5f 22 2b 6e 29 2e 69 73 28 22 69 6e 70 75 74 3a 68 69 64 64 65 6e 22 29 29 29 7b 76 61 72 20 5f 3d 65 28 27 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 20 2a 5b 64 61 74 61 2d 64 6f 77 6e 6c 6f 61 64 2d 69 64 3d 22 27 2b 6e 2b 27 22 5d 27
                                                                                                                                                                                                                                        Data Ascii: e(),e(".edd_go_to_checkout",r).show()),"multi"===i&&d.removeAttr("data-edd-loading"),e(".edd_download_purchase_form").length&&("no"===o||!a.find(".edd_price_option_"+n).is("input:hidden"))){var _=e('.edd_download_purchase_form *[data-download-id="'+n+'"]'
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 3e 3c 2f 73 70 61 6e 3e 27 29 3b 76 61 72 20 61 3d 7b 61 63 74 69 6f 6e 3a 22 65 64 64 5f 70 72 6f 63 65 73 73 5f 63 68 65 63 6b 6f 75 74 5f 6c 6f 67 69 6e 22 2c 65 64 64 5f 61 6a 61 78 3a 31 2c 65 64 64 5f 75 73 65 72 5f 6c 6f 67 69 6e 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 69 65 6c 64 73 20 23 65 64 64 5f 75 73 65 72 5f 6c 6f 67 69 6e 22 29 2e 76 61 6c 28 29 2c 65 64 64 5f 75 73 65 72 5f 70 61 73 73 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 69 65 6c 64 73 20 23 65 64 64 5f 75 73 65 72 5f 70 61 73 73 22 29 2e 76 61 6c 28 29 2c 65 64 64 5f 6c 6f 67 69 6e 5f 6e 6f 6e 63 65 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 6e 6f 6e 63 65 22 29 2e 76 61 6c 28 29 7d 3b 65 2e 70 6f 73 74 28 65 64 64 5f 67 6c 6f 62 61 6c 5f 76 61 72 73 2e 61 6a 61 78
                                                                                                                                                                                                                                        Data Ascii: ></span>');var a={action:"edd_process_checkout_login",edd_ajax:1,edd_user_login:e("#edd_login_fields #edd_user_login").val(),edd_user_pass:e("#edd_login_fields #edd_user_pass").val(),edd_login_nonce:e("#edd_login_nonce").val()};e.post(edd_global_vars.ajax
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 65 73 22 2c 63 6f 75 6e 74 72 79 3a 64 2e 76 61 6c 28 29 2c 66 69 65 6c 64 5f 6e 61 6d 65 3a 72 2c 6e 6f 6e 63 65 3a 65 28 74 68 69 73 29 2e 64 61 74 61 28 22 6e 6f 6e 63 65 22 29 7d 3b 65 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 64 61 74 61 3a 69 2c 75 72 6c 3a 65 64 64 5f 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 64 3b 28 64 3d 22 6e 6f 73 74 61 74 65 73 22 3d 3d 3d 65 2e 74 72 69 6d 28 74 29 3f 27 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 69 64 3d 22 27 2b 72 2b 27 22 20 6e 61 6d 65 3d 22 63 61 72 64 5f 73 74 61 74 65 22 20 63 6c 61 73 73 3d 22 63 61 72
                                                                                                                                                                                                                                        Data Ascii: es",country:d.val(),field_name:r,nonce:e(this).data("nonce")};e.ajax({type:"POST",data:i,url:edd_scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){var d;(d="nostates"===e.trim(t)?'<input type="text" id="'+r+'" name="card_state" class="car
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 63 68 65 63 6b 6f 75 74 5f 65 72 72 6f 72 22 2c 5b 74 5d 29 29 7d 29 29 7d 7d 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 68 61 6e 67 65 22 2c 22 23 65 64 64 5f 63 63 5f 61 64 64 72 65 73 73 20 69 6e 70 75 74 2e 63 61 72 64 5f 73 74 61 74 65 2c 20 23 65 64 64 5f 63 63 5f 61 64 64 72 65 73 73 20 73 65 6c 65 63 74 2c 20 23 65 64 64 5f 61 64 64 72 65 73 73 5f 63 6f 75 6e 74 72 79 2c 20 2e 65 64 64 2d 73 74 72 69 70 65 2d 63 61 72 64 2d 69 74 65 6d 20 2e 63 61 72 64 2d 61 64 64 72 65 73 73 2d 66 69 65 6c 64 73 20 2e 61 64 64 72 65 73 73 5f 63 6f 75 6e 74 72 79 22 2c 6e 29 2c 77 69 6e 64 6f 77 2e 75 70 64 61 74 65 5f 73 74 61 74 65 5f 66 69 65 6c 64 3d 6e 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 68 61
                                                                                                                                                                                                                                        Data Ascii: checkout_error",[t]))}))}})),e(document.body).on("change","#edd_cc_address input.card_state, #edd_cc_address select, #edd_address_country, .edd-stripe-card-item .card-address-fields .address_country",n),window.update_state_field=n,e(document.body).on("cha
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC940INData Raw: 6e 64 28 22 23 62 69 6c 6c 69 6e 67 5f 63 6f 75 6e 74 72 79 22 29 2e 76 61 6c 28 29 2c 5f 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 61 64 64 72 65 73 73 22 29 2e 76 61 6c 28 29 2c 6c 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 61 64 64 72 65 73 73 5f 32 22 29 2e 76 61 6c 28 29 2c 75 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 63 69 74 79 22 29 2e 76 61 6c 28 29 2c 70 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 73 74 61 74 65 22 29 2e 76 61 6c 28 29 3b 74 7c 7c 28 74 3d 70 29 3b 76 61 72 20 6d 3d 7b 61 63 74 69 6f 6e 3a 22 65 64 64 5f 72 65 63 61 6c 63 75 6c 61 74 65 5f 74 61 78 65 73 22 2c 63 61 72 64 5f 61 64 64 72 65 73 73 3a 5f 2c 63 61 72 64 5f 61 64 64 72 65 73 73 5f 32 3a 6c 2c 63 61 72 64 5f 63 69 74 79 3a 75 2c 63 61 72 64 5f 7a 69 70 3a 63
                                                                                                                                                                                                                                        Data Ascii: nd("#billing_country").val(),_=c.find("#card_address").val(),l=c.find("#card_address_2").val(),u=c.find("#card_city").val(),p=c.find("#card_state").val();t||(t=p);var m={action:"edd_recalculate_taxes",card_address:_,card_address_2:l,card_city:u,card_zip:c


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        53192.168.2.449798104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC832OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC850INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 508
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=962
                                                                                                                                                                                                                                        ETag: "1020d2-3c2-615c1f675ce0a-gzip"
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1612
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0x%2FKp1LqWOKjA%2Bd%2BiGOKzonBLlIqcrYXLMbh%2BR%2BJEr8VGLmOwBM78RTViai8JVRZ64%2FcloFaZg7NA4mnFsfnjeC%2B7EMDGQ961aJoJ95gQ3ALOHssvT5hLChm0c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb96fc2bc402-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC508INData Raw: 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 76 61 72 20 6e 65 78 74 67 65 6e 5f 66 61 6e 63 79 62 6f 78 5f 69 6e 69 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 73 65 6c 65 63 74 6f 72 3d 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 66 69 6c 74 65 72 5f 73 65 6c 65 63 74 6f 72 28 24 2c 24 28 22 2e 6e 67 67 2d 66 61 6e 63 79 62 6f 78 22 29 29 3b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 65 3d 3e 7b 6c 65 74 20 24 74 61 72 67 65 74 3d 24 28 65 2e 74 61 72 67 65 74 29 3b 69 66 28 24 74 61 72 67 65 74 2e 69 73 28 73 65 6c 65 63 74 6f 72 29 7c 7c 24 74 61 72 67 65 74 2e 70 61 72 65 6e 74 73 28 27 61 27 29 2e 69 73 28 73 65 6c 65 63 74 6f 72 29 29 7b 65 2e 70 72 65 76 65 6e 74 44 65
                                                                                                                                                                                                                                        Data Ascii: jQuery(function($){var nextgen_fancybox_init=function(){var selector=nextgen_lightbox_filter_selector($,$(".ngg-fancybox"));window.addEventListener("click",e=>{let $target=$(e.target);if($target.is(selector)||$target.parents('a').is(selector)){e.preventDe


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        54192.168.2.449800216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1243OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=5&tfd=11733 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        55192.168.2.449801216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1694OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        56192.168.2.449803104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC824OUTGET /wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC769INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 66624
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Mon, 23 Nov 2015 14:28:42 GMT
                                                                                                                                                                                                                                        ETag: "103a3b-10440-525360aba5a80"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1612
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIzJKOjGP36dHLoH9%2BJomLF%2BtgfhsE2VWonGU73P3ndE0t%2BlDRE%2Fu9Czi5Mb56io6rDYOtMNV%2Bm8p0srOlC3p2JjC5TD4LrKRxhiwTBviA5g0dwSCbFLHNjml%2Fo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb98cff2c3f3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC600INData Raw: 77 4f 46 32 00 01 00 00 00 01 04 40 00 0e 00 00 00 02 2a e8 00 01 03 e0 00 04 01 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 06 60 00 85 72 11 08 0a 87 f6 1c 86 b0 35 01 36 02 24 03 94 0a 0b 8a 10 00 04 20 05 87 08 07 b0 20 3f 77 65 62 66 06 5b fc c1 91 80 d6 40 d6 8c 17 e5 a6 6e 43 80 c7 cb 9c e5 74 01 54 4c b7 c9 a1 f4 66 05 88 d6 74 1d a1 c8 c8 b0 71 00 c6 e8 a9 35 fb ff ff ff 3f 3d 69 88 6c e5 d2 91 5c db 76 6c 20 82 03 54 ff 83 ec 90 62 16 d2 15 d9 20 f4 31 07 66 c3 ba 9e 37 d4 54 87 51 d3 0a 8a 82 44 13 3b 3a bf d0 ae 12 31 95 6c d7 be 6a 76 88 af 65 d2 07 ec d2 6e 93 0f 45 89 a8 07 df a0 6b 35 3e ef a3 64 0f 37 51 a9 6c 8a 7f 42 61 94 dc 0a 92 75 e2 78 5d 2e f9 85 8b d6 f9 c0 57 92 43 b5 86 91 c8 24 ae 38
                                                                                                                                                                                                                                        Data Ascii: wOF2@*?FFTM `r56$ ?webf[@nCtTLftq5?=il\vl Tb 1f7TQD;:1ljvenEk5>d7QlBaux].WC$8
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 4e 57 c6 36 6b 2e d5 39 5d ba a8 76 1d 1f eb a1 9a ea ff ac 24 43 66 b4 76 c0 76 fa 10 78 40 10 b0 2d 4a b8 60 47 b0 97 d9 77 d4 fe 77 5b 10 d8 41 83 c0 14 13 04 b8 e5 34 03 6d 73 49 3e 00 c5 ff cf 69 ef d9 cf 13 f3 18 1e 70 05 c3 80 46 28 32 62 b5 bb da 18 7e 48 c9 5d 4a 95 5d 94 b1 6a dd b9 ad dc d4 46 cd 66 2d 7e 0b 40 fc c7 f3 c5 1a fa 67 67 0f 42 a0 2d a0 05 54 78 ee 25 a9 aa 70 55 d5 75 9e 8c 6d 65 07 ce 09 06 27 bf fa b2 ba 01 1c e2 e5 3b c6 01 e8 40 37 d0 0d 74 03 3d 70 4e d0 03 ea b2 fa 1d 0f 2f 5f 1f 55 38 c0 80 0d 94 ef 72 e2 86 c0 f0 ff 73 f6 9d f3 58 3d 67 d7 af 84 84 c2 48 08 11 a0 9d 1a ed 88 e8 95 16 6a 94 11 63 d8 d9 8e 90 dc 9f 64 d7 93 5f 31 6c 3a 31 69 81 e2 49 a0 b4 54 94 72 84 d7 3e a3 ba aa ed c0 76 7b 47 62 d8 b6 b1 a9 54 31 2a ef
                                                                                                                                                                                                                                        Data Ascii: NW6k.9]v$Cfvvx@-J`Gww[A4msI>ipF(2b~H]J]jFf-~@ggB-Tx%pUume';@7t=pN/_U8rsX=gHjcd_1l:1iITr>v{GbT1*
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 44 6f bb 50 d5 24 e3 d4 44 af 11 e8 7d 11 15 5c a8 8b b0 5a 28 69 31 c7 25 87 84 d7 77 65 1a 36 41 d2 d5 95 bc 07 ac 8d 4a 5d 16 4d 34 65 b4 88 20 c3 67 b8 92 c4 c8 e5 62 f1 94 3e 6a 40 91 14 a6 dc 65 55 77 0a 75 a7 4e ea 53 33 15 40 7d 08 a2 b7 33 41 ee 99 58 c3 ca 3f 64 b5 9b 7a ac 38 69 1e 14 43 2f d5 c1 c9 9b c4 00 e5 4a 4b 45 00 af 96 c4 27 26 85 c4 5d e1 10 3d cf 7a ce ff 1a ba 5f a1 84 1f 7a 3b 90 f9 08 fd 1e 10 e5 26 e8 d9 1c 4b 0d 12 c6 06 52 e2 88 8f 57 03 6b c3 34 39 0c 93 00 bf 81 65 01 62 87 2c ec 9e 67 38 e3 ef 7b 6f 3e e2 64 bc 62 37 6c 31 6a f5 7c ca 98 80 12 55 de f3 00 b5 6f ca 23 cf df 5b 55 09 7b 33 37 2a 2a 45 f2 03 66 5b 0f 44 34 47 6a 41 fb d1 a2 0d 27 e1 3a ef 9e 19 e3 d2 de cc c9 f8 d4 85 38 b6 fc 60 57 bf 07 46 14 f1 92 1d f3 63
                                                                                                                                                                                                                                        Data Ascii: DoP$D}\Z(i1%we6AJ]M4e gb>j@eUwuNS3@}3AX?dz8iC/JKE'&]=z_z;&KRWk49eb,g8{o>db7l1j|Uo#[U{37**Ef[D4GjA':8`WFc
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 6f 5d d3 9e a4 1e 20 0f 02 bc b7 1a 4a e9 38 61 34 da 36 a4 26 d7 30 33 33 3d d5 06 05 39 9e 05 29 ca 76 cc 9e ae f5 be 26 d2 da cd 4a 50 56 de fd cc 1a cb a2 30 fa db 5c 98 71 ac 24 ae b6 a9 48 ea e9 59 10 88 31 69 b6 be 39 ff 1e 2f 99 69 a3 7d ab b7 34 2c 7f 72 a4 d3 70 d5 bb 80 a6 72 cd 57 c7 75 62 cf 15 88 f9 69 dc 9d 13 b3 46 b7 23 a3 0b 1b 5d c0 ee 17 95 da b1 29 62 ab ba cb 2f cf 35 02 ac d5 4c 4e f4 8e 05 c7 23 0e 27 84 4f 67 ad 1a 6e 9a 78 28 61 d3 91 14 c4 10 25 b3 63 74 bd b0 eb 11 7b e9 96 26 9b 5c 60 fd db d5 ee cd ce 4e 9e cb c4 51 f8 6d a0 8b 87 95 d0 ae 9c 05 54 c9 bd d5 e3 7d c7 e9 48 79 fe ca c9 91 5c 2e 5f 2d d3 1d 6b f0 ae cc f0 c6 73 ff c1 74 aa 2a ce f8 35 24 78 8c 29 4d b5 2f ab e7 86 a1 d9 54 3d 62 71 7b 3a ee 01 59 44 db f0 e0 04
                                                                                                                                                                                                                                        Data Ascii: o] J8a46&033=9)v&JPV0\q$HY1i9/i}4,rprWubiF#])b/5LN#'Ognx(a%ct{&\`NQmT}Hy\._-kst*5$x)M/T=bq{:YD
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 78 f2 34 d3 20 ce aa 02 ca a1 68 24 81 e8 e0 44 b1 a4 b8 94 17 a9 ff eb 49 e1 f9 ed 50 31 87 52 75 a9 6e 36 cd 8f de 3c 5b 78 f8 38 52 77 8a 71 19 e3 e3 74 51 49 9c a4 9e 61 20 0a be 32 c2 5f 55 fb 5a 98 93 89 24 ee 56 20 98 f1 1e 5e 58 47 72 e7 0e 03 3d 0b 98 9e 77 9c 44 df 75 4a 7a b0 01 da 1c 6b 33 bb ac 9c 50 45 00 76 ae 60 9e 8b 2e 4f 52 38 5d 05 19 64 01 af 8b 24 46 f3 1b 7c 3e f8 6c a7 3f b5 62 78 35 b6 a3 52 d5 12 02 14 ce e9 6b 1b 2f 60 08 82 02 43 11 06 9b 2a 67 87 5f fe bf 04 4e ad 98 39 fa 0a 1b ea 6a e7 0e 3d 34 41 aa a3 43 43 63 82 f8 0f 73 83 ee f1 34 4e aa 6f 20 47 10 05 16 05 a2 9c 92 ac 32 95 b6 2a 38 ea 14 ca 72 4a 18 69 16 91 4f 56 3f f3 b0 da 75 8e 56 4e 95 6f 50 fe ca 43 c7 df 97 a9 b8 6c 9d d3 fc 92 ae 17 0e a7 c3 49 44 16 d6 b3 c8
                                                                                                                                                                                                                                        Data Ascii: x4 h$DIP1Run6<[x8RwqtQIa 2_UZ$V ^XGr=wDuJzk3PEv`.OR8]d$F|>l?bx5Rk/`C*g_N9j=4ACCcs4No G2*8rJiOV?uVNoPClID
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 21 10 dc 8e 60 30 ef d1 ab 65 e5 8b 56 ce ae 88 d4 7b 1e 44 46 6e 2d 8f 24 f9 2b 3c 77 a0 5f 19 11 e3 c1 d0 fa 07 a4 b1 5f 29 21 91 78 6c 27 98 4c 45 d2 3f f0 6d c4 e0 3c 47 ce 5b e3 54 ff 8f 2a 31 f6 d7 09 31 e7 db ac 27 ff 36 ce 4f b3 24 c0 e7 99 de fc 71 e9 e9 e3 82 f8 88 f5 14 75 cd f7 34 94 61 7c 39 3d 99 ad 16 f5 1f 17 2b 35 9b 9b 15 bd bd 9c b0 dc f8 86 bf ea 1a 13 49 72 99 4e 4b 25 98 04 6e 55 fa f6 64 ff 89 cb 53 bc be b2 71 b1 6c ae cb 15 27 d7 58 6d 3e 3e 55 5d d7 0c 1f ac 5a b1 08 75 49 d9 34 a9 0a f7 71 bf 4b a2 74 31 9f 94 19 9e a5 72 59 bd 8d 78 92 69 cb 4d a9 57 74 ff e2 39 5a c6 56 11 4e 6f 08 a3 d1 5f 7e 77 d0 a0 c2 7d 5e df 50 72 3a 10 af 86 63 5e c1 fa a8 4a b0 b9 71 d6 6f 14 c3 c4 ff 4b 66 3d 59 20 97 cc 15 73 c3 f4 0f cf e7 72 f6 38
                                                                                                                                                                                                                                        Data Ascii: !`0eV{DFn-$+<w__)!xl'LE?m<G[T*11'6O$qu4a|9=+5IrNK%nUdSql'Xm>>U]ZuI4qKt1rYxiMWt9ZVNo_~w}^Pr:c^JqoKf=Y sr8
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 2f 54 12 25 70 6f 36 94 c2 5a b3 23 6a d6 c7 12 27 cf c1 6c 9a 1f 32 46 09 ce 3b 78 c6 45 c6 07 7d 6f 77 8e 91 cc f0 73 48 b7 25 9f 6d fe b9 9f 4f 17 d5 4d 98 0e a7 25 95 a3 81 78 42 20 ea 57 ce 62 c4 f3 d2 b8 cb 6a f9 30 e2 ab eb 04 19 8e 01 f9 89 8e 03 dd c1 f1 de 15 17 4c 18 99 e6 04 f3 40 e5 e8 3a 49 cf e0 39 aa 8a 70 8a 74 e5 b0 0d f9 b4 04 5d a6 78 55 db 54 2a 67 b4 b5 0a 2d 72 31 5b 50 7c 3a 24 95 f3 47 b4 c1 6f b3 89 3c 9e d8 36 35 21 ae a0 23 40 be 60 09 27 1c ce 52 c3 ae 46 d3 97 a2 6d 0d 85 6d d3 80 16 df 93 5c 89 0c eb de 3a 05 98 ab c8 a2 78 99 61 00 99 da df 70 d9 fc be aa bd 91 28 33 bf d2 da a9 1a 34 ef 6a e3 28 e1 6e 19 7b d4 75 59 7c 62 74 d1 f7 8f 9d c1 29 05 26 1d d8 38 73 55 02 8d 2d 91 d5 f0 ec fb f4 19 9d c8 3f 2a 6c 5b 9c 47 0f 2f
                                                                                                                                                                                                                                        Data Ascii: /T%po6Z#j'l2F;xE}owsH%mOM%xB Wbj0L@:I9pt]xUT*g-r1[P|:$Go<65!#@`'RFmm\:xap(34j(n{uY|bt)&8sU-?*l[G/
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 8f 3f e4 89 e4 39 31 14 9b bc 93 f5 52 b8 ca 84 22 7c 72 9b 72 49 b5 4f db e5 35 ee 06 42 2f ab 62 7d 41 0c ff c4 7e fa d1 53 b0 8e 90 3c 7d 1a e0 fe cb 36 2f 7e ac c8 52 64 d6 de d5 66 36 c4 4c 49 6b 84 f1 b8 29 36 67 47 af a2 1a d3 8b d3 e6 9e 3a ed 5c 18 36 75 95 a8 21 3d a7 a8 a2 2f 30 0f 32 d4 4a 9d 22 47 1d f5 f6 78 5a 3a 53 bb 98 c5 fb 6d 79 fb fd 33 ad 52 32 cb 91 59 64 66 5f 8f 6a bf 37 2a 69 08 21 45 34 e1 c7 a5 ac 3f 87 92 c3 d4 8d 44 3c 10 21 06 9e 09 5d 8a c6 ce d4 df 49 f1 5a f9 a3 26 6d 05 1e 4f 25 ad 76 eb dc d1 12 7e 90 a3 b4 5c cc fd b0 96 ca 4d d1 9b 13 d7 67 2f 53 cd 43 28 9f 0f f8 d9 4a a3 4c 08 59 c5 83 6f 43 1b 88 b6 3c e3 4e 3f 8b 91 47 7c 96 2e b1 e9 71 56 cc c3 46 cc 7f ad 3c 20 8a ca 73 6c 74 cf 93 94 21 b1 61 cd e8 d4 c9 50 ad
                                                                                                                                                                                                                                        Data Ascii: ?91R"|rrIO5B/b}A~S<}6/~Rdf6LIk)6gG:\6u!=/02J"GxZ:Smy3R2Ydf_j7*i!E4?D<!]IZ&mO%v~\Mg/SC(JLYoC<N?G|.qVF< slt!aP
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 04 d0 14 f1 df fe cc 0c dd 32 b8 94 9b 10 e8 41 aa f7 9c b4 a5 7c bb e8 7f 12 6d dd a5 7c e4 b5 dc 55 cf a0 69 f7 16 cd 8f 58 b1 b5 c4 5e fd b7 ca b9 e3 9c f1 e1 ba d6 71 1a d6 93 bb 90 98 4a 87 15 02 b1 cb b2 0f 9a 02 e9 7e c3 6e 26 6b 69 0c a7 60 13 3b 18 bd 63 bb 40 62 4a 62 b2 32 a2 21 09 9e cd 85 83 0c 4d 0b 76 51 d4 18 45 73 c2 c5 24 f6 cb 39 c7 b3 f4 ef 8a 72 7b 55 39 34 88 e1 32 e2 13 de 49 c4 d7 a2 92 94 c2 13 0c 34 f9 c9 dc 28 0c b2 4e 44 04 91 45 a5 22 d4 ad a0 6c e8 f1 bc d0 f7 7c a4 97 d2 2d d8 6b 6c 13 57 4a d7 32 b3 d8 43 7e da 69 bb 00 b5 74 22 1f 13 23 08 97 6a 08 af 75 47 6f ae e8 b7 a0 83 d1 0f 7c e9 cf f9 ad 8b 8b fd 44 03 e2 ef 3c af 90 ce 3c 9e a3 fe 8f 0e 0e ff bd 87 a1 d1 3f 60 a4 19 46 da 93 55 95 31 8e 9e eb 43 f5 c9 48 59 8b a4
                                                                                                                                                                                                                                        Data Ascii: 2A|m|UiX^qJ~n&ki`;c@bJb2!MvQEs$9r{U942I4(NDE"l|-klWJ2C~it"#juGo|D<<?`FU1CHY
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 05 08 69 e2 f7 be 25 99 7d 8c b4 ac 40 4e ad 57 f7 74 b6 72 c6 81 a8 bd e4 9c 43 de 8f da a8 50 97 d8 e7 50 2e 41 c9 d2 87 b2 39 05 3b 70 c0 f9 ff b7 69 e3 9d e1 b2 5a 5d cb a8 cb 9b d9 15 8d bd 29 85 eb ae 9c e3 79 f7 46 4a c2 4a 1c 2d e2 2f 29 b6 fb 60 2f 4c 7e 2d d8 1e 42 b8 74 b8 27 cf 5a 85 13 a7 ac f3 ea 85 67 93 66 3a 94 4a ee 4d ee 63 7b b1 83 66 c8 99 3d e9 54 38 86 3d 8a fb 88 12 e4 75 6e a4 df de 27 81 77 b4 d9 86 f1 a7 52 69 78 2b 68 05 96 a2 b1 95 54 d3 1e f3 a4 15 36 e7 d1 21 65 1d 10 82 df 49 94 61 9a 36 4e 70 d5 3f 0d d2 bb bf e1 a1 c9 08 4b a0 01 cd 03 d5 f4 0d 96 d2 1e 7c 4e 1d cf cf cf 13 69 cd b6 82 9a 10 3e bb 41 08 5c e4 cb 1a 7d 2a 6e cc a8 f0 05 37 2c 95 8a 4d 25 6a 5c 63 c7 a8 19 b1 00 fb c8 7e b6 b5 ab 55 ae 3b 3c cc 2a 2b 33 92
                                                                                                                                                                                                                                        Data Ascii: i%}@NWtrCPP.A9;piZ])yFJJ-/)`/L~-Bt'Zgf:JMc{f=T8=un'wRix+hT6!eIa6Np?K|Ni>A\}*n7,M%j\c~U;<*+3


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        57192.168.2.449807104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC831OUTGET /wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC771INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 18752
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                                        ETag: "103a59-4940-50cdb39a46700"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 918
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvSBH4wUQ1%2F7EAM%2BTnvppfcTb24aq2HvLG8lrMEwtzouPPnIDSFzlIiO6HwsuGE17SDC%2B7%2BS3%2BPPiBkHuQMAP0riktCX%2Bvf14yIP1bBUX9fDE%2BqhVm8ZP1Gq%2FMg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb99c82715d7-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC598INData Raw: 77 4f 46 32 00 01 00 00 00 00 49 40 00 13 00 00 00 00 b0 60 00 00 48 d3 00 01 19 9a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 1b 93 18 1c 81 28 06 60 00 83 5a 08 46 09 84 65 11 10 0a 82 a1 78 82 80 13 01 36 02 24 03 87 26 0b 83 56 00 04 20 05 88 4e 07 85 65 0c 82 76 3f 77 65 62 66 06 1b 52 9c 35 78 f3 32 e4 76 80 2e 21 3d d3 67 23 1a d8 38 40 40 62 ee 1f 89 08 36 0e 40 e3 27 19 b2 ff ff 6b 72 32 64 80 05 9b 5e 7d c1 41 99 02 37 8a 1a 93 9a 62 55 34 d5 6c aa b1 e8 58 34 2c ed e1 69 19 eb 65 f5 50 21 98 b4 a3 ce 3e 2a c3 b1 b4 a5 51 7a cb 15 65 b2 78 82 5b 78 36 1a 85 be fb 4c cc e9 c6 6e a4 ce 41 aa 6f 51 1c 93 4d 2f f2 fe 42 c5 f9 53 71 1c dc 15 2c 6c 58 4d 14 8c 16 65 61 55 32 ea dd 1e 09 7c ad ae 0b be 58 94 e1
                                                                                                                                                                                                                                        Data Ascii: wOF2I@`H?FFTM (`ZFex6$&V Nev?webfR5x2v.!=g#8@@b6@'kr2d^}A7bU4lX4,ieP!>*Qzex[x6LnAoQM/BSq,lXMeaU2|X
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: d1 47 32 98 cb 80 6e f2 43 b3 a1 95 07 6a f9 d3 f2 28 fd 38 66 10 86 c5 21 11 12 ac da bb 5f 97 a5 57 d7 54 4a 73 ad 0b 93 89 33 a5 ca c8 cc ff ff 4d 35 bf bd 6f 86 20 1f 20 ad 2d ee 3a 26 3a 64 1d 17 0d 14 9d 42 e7 a2 75 51 f1 dd 37 33 e0 9b 37 00 08 bc 01 a8 99 01 a5 05 41 05 00 a4 24 60 40 ee 82 e4 fa 20 90 32 48 69 73 ea 64 39 ff 90 2a 81 a4 52 a0 f4 43 0c 45 e3 72 eb f2 b7 fd 3f fd b7 68 6d 19 2f 81 56 a9 e1 15 b7 66 92 68 c4 dd bd 41 2d 7a 48 1a 22 d3 ef ef fb ea aa b6 75 db 96 ac ba 2d c3 4a 56 82 ce bd 9e f3 66 de b9 73 ee ba a4 4d a2 9b d3 fa 03 68 46 6f 70 a8 f1 fb 61 6e 5f de 4c e5 5b 21 e9 b4 1e 16 82 a5 a2 70 b8 ac 2d 4b cd 42 6e 6e c7 6b c8 58 21 32 e8 b0 3c ba de 37 da fb bd b3 1e a9 d9 9a f6 d2 46 4a 8c 40 14 99 01 d2 fd ba 63 ef 5e cb 13
                                                                                                                                                                                                                                        Data Ascii: G2nCj(8f!_WTJs3M5o -:&:dBuQ737A$`@ 2Hisd9*RCEr?hm/VfhA-zH"u-JVfsMhFopan_L[!p-KBnnkX!2<7FJ@c^
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 3c df 7d be f9 fc e2 f3 f5 e7 2b cf 17 9f 73 9e 0f 3f 2f 7d 6e f1 6c f3 e1 3b d8 31 ad 53 f1 70 28 e0 40 e7 5c 80 ff 08 6f 6f fc 7f 0f 00 54 28 0c 8e 40 16 aa 9b b6 d3 7e 08 63 de de d9 dd db 3f 38 3c 3a 3e 39 3d 3b bf b8 bc ba be b9 bd bb 7f 78 7c 7a 7e 79 9d bd bd 7f 7c 9b a3 35 35 33 b7 b0 b4 b2 b6 b1 b5 3b 6d 8f 75 70 74 c2 39 e3 5d 08 ae 6e ee 1e 9e 5e de 3e be 44 92 9f 7f 40 60 50 f0 99 90 b3 a1 61 e1 11 64 a0 a2 b2 ba b6 95 d9 3b 38 c0 62 0f 0d 8f 8e 8f 4d 4c 4e 4f 71 66 e6 e6 b9 bc c5 85 d5 95 b5 75 80 16 1d 43 79 92 75 21 35 f1 55 46 42 8c 81 aa c7 01 3a e0 c2 2d 00 80 2b ef 04 46 9e 2f 8e da 04 00 ae ba eb 69 64 1d 75 6c be 75 83 a1 ef 7d b6 f1 0a bc fc 61 eb ae dd 90 fd e5 63 28 bb bf b4 be a6 b1 a9 b9 a1 9d 01 b4 3d d9 73 1e d8 79 ed 56 03 dc
                                                                                                                                                                                                                                        Data Ascii: <}+s?/}nl;1Sp(@\ooT(@~c?8<:>9=;x|z~y|553;mupt9]n^>D@`Pad;8bMLNOqfuCyu!5UFB:-+F/idulu}ac(=syV
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 1b 3c 27 27 03 c5 53 04 b4 f1 33 3e 9a 30 e2 84 0f d3 6b c5 be 05 6a e8 94 90 63 43 8e 1c 08 44 5d 4c 96 a0 0d eb 8d 30 06 4c 48 28 e1 bb 9e 52 8e 6c d7 2b db 53 6e ed 83 98 ed 64 24 0c 37 4a b2 09 dd a3 df c2 60 1b e1 ff 1e d4 ce 94 0a 0c 69 d7 ed ae 6c 9e eb 7e b8 b8 a4 76 ad 59 a4 ed 25 86 04 eb f4 fe ad 8c 37 6e 0d e2 7f fa a6 7e ca dd b8 6f f6 a2 1a 6e 67 4a e1 37 bb 23 a8 9d 3c 18 9a 6c 69 67 50 3b 92 0f df bf 3b ec 5d 89 b3 6e 80 50 f0 3a 82 a8 0e a9 16 b5 f4 d5 04 a9 08 fb 75 23 63 de 87 a3 46 23 50 52 bc 29 59 95 82 79 56 e1 28 ed cb 5a 76 dc cd 77 6c bb 4b 20 62 36 2d e3 75 69 b4 52 d4 a1 35 b2 f0 c8 3f 88 1f cf 1c 26 3e 61 94 51 04 c6 91 3d 4e bb 26 26 f3 15 0f 2e f0 78 e2 51 cc 8e 99 dd 70 09 3d f1 c2 05 5d d9 b6 fc 9c 9a 5a a6 95 e4 de 12 df
                                                                                                                                                                                                                                        Data Ascii: <''S3>0kjcCD]L0LH(Rl+Snd$7J`il~vY%7n~ongJ7#<ligP;;]nP:u#cF#PR)YyV(ZvwlK b6-uiR5?&>aQ=N&&.xQp=]Z
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 4d 59 00 a0 7a 81 16 9f f2 ba b4 0f 12 91 6f a2 e3 13 4a 82 94 07 8b 3d a7 42 21 54 77 8f 0d a9 36 c8 6c fc 6d 52 b2 d0 a8 41 cd 54 6e 75 d5 95 ab db f8 e4 6c 79 06 de e9 80 07 ae 85 06 38 40 b8 28 80 68 4c d1 29 1d 80 b9 35 a8 66 da 9a a1 85 86 c4 61 d6 4f 7e 87 73 24 3d 24 3a d3 00 10 6d 1c dd 64 f6 63 39 04 88 8e a3 01 6b 6c 42 83 79 77 57 de 3c bb 65 1d dc 1b d2 1a 33 eb 5c 34 50 97 30 40 34 79 76 34 aa 1a b4 2f a8 65 04 e9 09 a1 90 6f 28 18 5a 9b f5 39 cf 43 57 bd bc b0 75 c6 d0 ec ac fa 0e e4 66 03 8d 71 be 31 84 ad 2e 47 3e 3c 02 09 79 b8 7b 6a a6 b6 66 0a b5 23 29 a6 40 62 15 58 94 b6 c6 3a 10 1f 2e ef e5 98 27 0b 8e 28 54 34 41 5b 48 06 38 be cf 00 2b 1e 74 bb ab 9d 7e 0c 23 3c 94 5e 28 33 29 3d 52 29 c8 46 d0 05 10 cb 23 65 ce 86 7e d0 70 62 5e
                                                                                                                                                                                                                                        Data Ascii: MYzoJ=B!Tw6lmRATnuly8@(hL)5faO~s$=$:mdc9klBywW<e3\4P0@4yv4/eo(Z9CWufq1.G><y{jf#)@bX:.'(T4A[H8+t~#<^(3)=R)F#e~pb^
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 68 7f d5 3c c9 70 2d 9a de 1e 00 e3 f5 a8 41 26 57 4b 9a 46 6a 64 f8 3d 2c d5 b7 91 8f 3e 91 9a 8c 66 66 ab 5a aa 78 85 2b 6a 4d 32 dc 9e d4 8a dc e9 a4 4b 7f c5 e5 3d 7e 31 42 3a bd 70 f4 7a 9c e4 d2 3c e4 c9 fe 2a 85 95 56 46 59 fe d9 b9 65 de de 61 f9 cc 29 ac d2 6e b0 0e 5e f2 cf ce 26 25 54 15 50 df b7 dc 34 34 d2 51 57 52 52 91 ff 65 59 5b 9d 41 47 f9 61 18 23 4c ae 9c e9 92 9d 68 e9 b0 8e 30 2a 36 ef e1 2b 5e 40 20 f7 cd fb 3d 7f 87 f6 1d d2 82 80 ae 9d 9c 16 da 48 86 d9 a4 ba e9 c2 fc ba 4b c7 7c 56 ef f5 a0 d6 64 19 04 8f a5 80 53 c6 a2 40 0e 98 63 5f d0 97 2a 54 fa ee e2 c5 3d a3 62 33 a9 2a c5 c8 fa c5 5b dc b0 33 a7 da 9a bd c7 b8 bb e7 9e a3 a1 66 73 45 62 9b 59 69 67 d8 c3 53 a1 bc 6b f4 c9 01 85 ef 3c a4 a2 29 ef bf aa 4e 4c 0d 08 ae 21 95
                                                                                                                                                                                                                                        Data Ascii: h<p-A&WKFjd=,>ffZx+jM2K=~1B:pz<*VFYea)n^&%TP44QWRReY[AGa#Lh0*6+^@ =HK|VdS@c_*T=b3*[3fsEbYigSk<)NL!
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: ba 82 e5 54 91 91 e9 ea a0 77 3d ca a2 de 74 13 5f d5 98 dc f9 72 e8 c6 c3 6c 5c 97 97 26 f7 94 5f 49 2d d1 1f 9b 72 a6 df 8e 69 59 e4 77 3a 31 06 f4 6d d7 a7 1b e7 fc 2e e2 bf d3 c5 a7 cb a3 42 29 44 3d 5f 54 46 e1 44 bc 88 ce 69 ef ba 9c c1 9c eb 23 bb 5e d8 10 bd 2b f7 b0 6c 42 b5 74 0b 9f b1 0f d7 3f ed ca e5 b5 20 c2 ec 87 6a ef 97 82 4e 48 56 9a c7 55 83 59 39 28 61 53 05 94 46 98 a2 74 a7 4c 23 dc 90 23 86 5c 89 2b 69 dc ad 34 8b 71 f1 34 a4 89 6a fb fa a3 09 b1 ef 84 9d 2b 25 3a 26 b7 90 9a 53 8a 61 37 8a 2e fd 16 68 35 19 e6 49 ad a1 07 95 07 57 4a bd 76 cd ad 1a af 98 ad 68 00 18 c2 ec e7 54 af 7b 62 61 c8 4d e2 cf e3 dc 59 c5 b4 e7 ce 8b cb 5d 55 1e ae 22 e5 89 b8 71 c2 45 db f3 ba 44 aa 7a 54 80 51 f1 9b 62 cc 4b 7c 68 b1 9e ed d7 fa 62 10 3d
                                                                                                                                                                                                                                        Data Ascii: Tw=t_rl\&_I-riYw:1m.B)D=_TFDi#^+lBt? jNHVUY9(aSFtL##\+i4q4j+%:&Sa7.h5IWJvhT{baMY]U"qEDzTQbK|hb=
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: bb 0b 64 ed 5c 09 ae d5 df 9d 02 a0 17 ef 86 22 cd 75 a5 0b 2a 63 0a e3 d9 c1 49 65 79 c5 d2 99 81 e6 65 25 95 e5 44 13 20 6a 83 42 5a 37 3c 24 70 b8 2e 2a 8b 56 15 a2 ef 8f f1 d4 73 c1 a0 8d fe 3a 89 42 65 a5 56 85 e9 fa 62 bc f4 08 18 55 63 dd c7 e0 97 a9 35 49 95 46 c1 b7 24 8c 34 04 aa 19 8f dd df 2a 6f c8 c6 d6 aa af 7d a0 c8 2c 5a 74 4c 6e c6 d9 c8 9c 8c d8 98 cc b4 38 b2 e5 aa 95 29 d6 d6 d2 d2 c1 d6 c4 44 ee 82 91 60 dd 21 de 5e 07 ee 50 91 a1 28 87 63 7e 3a 00 bf b8 a5 41 59 9f cf 08 71 98 e0 46 3f 76 77 00 6d c7 a3 5b d9 2c 00 df 6b a8 1a 5c 97 fb 00 17 02 63 20 45 d2 a2 81 a5 2b b5 25 93 05 32 80 c0 c2 bd f9 76 95 ed 2f 01 73 01 f3 82 bd 61 0c dd 70 1c 4d 08 a3 50 57 e4 cf 68 0e 10 50 a0 37 0a df 1c 2a 0d fc fc dc 2b 72 d2 af 62 74 75 cc fa e6
                                                                                                                                                                                                                                        Data Ascii: d\"u*cIeye%D jBZ7<$p.*Vs:BeVbUc5IF$4*o},ZtLn8)D`!^P(c~:AYqF?vwm[,k\c E+%2v/sapMPWhP7*+rbtu
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: c8 bf d8 de ab e5 bf 62 94 0c 56 e1 66 f1 45 cc dc fe f6 58 37 d3 81 d1 8c 1d 3f 41 a3 4e 01 45 60 7f 8f 04 e5 84 3b 71 b9 71 4d b1 07 2b 5b fa fb fa dc 83 42 16 ac 0a 79 5b 2f fe 8a 3e 12 56 34 75 0e 70 d1 a4 35 27 e5 f9 33 46 fd e2 a4 9b 93 7a 6b 91 76 7d df a4 f3 e3 90 fb 78 91 20 3f 37 06 9e 67 e2 a2 b5 55 0e 49 36 fb 48 93 1e 3e 07 fa fe 2c c4 db bf 05 6d 1e fc ff 9b a6 ac f8 15 f0 f4 e5 27 61 98 86 17 05 d5 0f 7f b3 6d 21 72 fa 67 0b 79 12 c0 a8 95 8d 84 25 0c 6e 09 70 0c 07 b1 25 bc 5d ae ea 56 2a 68 72 c7 90 5a fd 35 d5 e0 db 1e aa c0 38 09 b5 b7 2c 3b c5 92 94 27 cb e8 fa fe 91 02 0c fa 0e 54 1a 84 aa 08 e1 61 88 32 f0 48 d9 47 b1 04 a9 57 99 e4 2e 2f 05 3d 78 16 8d 37 ee 68 27 8e 45 4a 87 73 ed 05 3d b5 c3 6c e8 6e bb 01 79 fa aa a8 25 9e 9c de
                                                                                                                                                                                                                                        Data Ascii: bVfEX7?ANE`;qqM+[By[/>V4up5'3Fzkv}x ?7gUI6H>,m'am!rgy%np%]V*hrZ58,;'Ta2HGW./=x7h'EJs=lny%
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 80 a5 93 5d aa 91 5e 0e 0a 89 a2 1c 7f a0 45 6f 19 95 8c 2b 3c dc 85 5d 3b 2e af b1 a3 79 90 9b f2 51 eb 6b 33 63 c1 6a 43 e5 2e 87 1e 58 dc ba db 3d 1d 42 93 bc 8f 25 d9 7c bd 21 64 25 a3 cc c4 c2 3a 82 bb 34 b5 4a 43 51 ae f4 a6 9f da bb 59 22 69 e7 74 32 0c ca 61 d0 d9 59 a0 08 a9 de 3d dc 81 0f 4e 48 b9 80 7b e2 a0 6e 27 96 85 56 1d f4 c6 72 34 6e 89 a8 31 04 77 98 13 1a 4e ab f4 68 a0 74 01 6d 81 92 75 55 17 5d c1 67 db 58 ab b1 3d 89 c9 b4 c6 3a 22 b9 52 7b 8c 75 f5 1e c5 bd f3 e1 12 de 9e 1a 78 60 a1 91 6a ed 59 8f 06 89 37 46 f6 83 9c e5 40 e6 58 f4 7a d4 28 d5 b1 24 ad 12 3b 4f 5d 8d d3 98 55 42 9d 0b 8e 50 9e 05 d0 32 0f 81 4b 83 b6 d2 3d 90 71 22 9b 4b 46 82 4c a2 fa 7c 50 77 37 90 98 10 20 7f b6 b4 a5 4d b2 9c 92 64 49 0d 0c 60 60 1c 37 04 96
                                                                                                                                                                                                                                        Data Ascii: ]^Eo+<];.yQk3cjC.X=B%|!d%:4JCQY"it2aY=NH{n'Vr4n1wNhtmuU]gX=:"R{ux`jY7F@Xz($;O]UBP2K=q"KFL|Pw7 MdI``7


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        58192.168.2.449808104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC879OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC762INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 75760
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: "ff8d7-127f0-615e2e3b4a63d"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 7005
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCI3XldInK1Ev9qAGLlJMPpNGKoI4cQG9cvyyxjBHFlZtMZSihyLbXq2kSTzn%2BFe2F2r2CX1mjlOaQpWA4XqJZUd%2FCUwFMTWXUX33%2BbAeEiRflyszcmm4uyRusk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb99cdb0236b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC607INData Raw: 77 4f 46 32 00 01 00 00 00 01 27 f0 00 0d 00 00 00 02 ef d4 00 01 27 96 01 4a 7f 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 1e 06 60 00 97 0a 11 08 0a 8a a0 18 88 89 17 01 36 02 24 03 9e 0c 0b 9e 10 00 04 20 05 8a 2b 07 dd 6a 5b 5d 54 92 42 e4 ee 6f 03 2a f4 dc d6 8a a1 4f 23 4b d2 13 6e 0c b7 c7 81 1c 4a 04 4b c4 db c7 13 d0 1d 70 47 15 de 12 b3 ff ff ff ff 7f d3 b1 10 f1 ee 2f b9 a4 f9 a4 69 bb 76 36 66 3a 00 60 04 41 12 4f 29 e5 01 05 b9 78 45 2b 28 63 cf 65 4a b3 3b c9 e3 bc e8 e0 2b ea 88 b4 9a 84 ed 48 ef d8 29 c6 c2 14 34 1c a7 73 c7 81 0e fc de c8 dd bd 98 07 22 23 22 23 22 23 22 5c 1c ee 5e 1e d9 96 82 46 b8 af f5 8a 27 b2 9b 4e 64 44 64 44 64 d2 ad b5 7a 36 4b f8 f6 bc b8 db 1c 69 36 22 32 32 39 07 de d8
                                                                                                                                                                                                                                        Data Ascii: wOF2''J|?FFTM`6$ +j[]TBo*O#KnJKpG/iv6f:`AO)xE+(ceJ;+H)4s"#"#"#"\^F'NdDdDdz6Ki6"229
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 66 32 0c 40 31 c0 02 a3 c0 3b 30 12 3d d0 be 93 3b 3d a3 51 ef 4e 4f 2f 8c 0b e3 92 fe 0f 10 00 c8 18 70 a1 af b2 2d 9b a8 33 a7 cb 38 07 50 ba 02 a1 d5 f2 33 aa 02 04 34 dd f3 5b db eb dd 6d 7f db 7f 06 4b 10 ca 23 94 c4 38 12 c2 c0 5c 2d d6 cf f8 dc ce 27 ae d0 18 99 ca 12 1c 0e 63 2c 46 f5 be bb cd ef 6d d9 bf 8b 96 e1 52 14 a2 10 92 2c b0 c0 36 c6 9e db 3d bf df af e7 4c c3 b0 cb 2a ab 55 d6 d9 e6 e4 e7 73 6a fc 4b ed 4e 37 79 68 68 9a 96 03 86 96 07 da 9a 8a 10 b8 90 36 1b ea 8c 1f f7 c1 62 63 6d ad ed 39 f7 58 56 60 c0 32 06 06 92 26 6d 9a 64 18 6c eb 11 fe bf 7d 2d ed a5 e9 8f 52 b7 bd 80 e0 64 81 d0 c9 03 3b 7d f1 a4 e3 f4 69 cb 95 f2 e1 32 ba 4a d7 06 03 05 3c a6 05 e6 6f f8 08 75 ff 4d 6f 0f 3f 7f 64 2d b6 d1 22 a5 92 49 85 6c 7e 2a f2 ef 98 81
                                                                                                                                                                                                                                        Data Ascii: f2@1;0=;=QNO/p-38P34[mK#8\-'c,FmR,6=L*UsjKN7yhh6bcm9XV`2&mdl}-Rd;}i2J<ouMo?d-"Il~*
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 07 c7 33 43 a1 8f a2 2c f5 c3 6c 27 5c a5 89 f4 c9 38 56 c0 6c d4 c7 83 83 10 80 fa 82 91 6b ee f8 82 57 3e 26 57 91 30 f0 bc 31 b8 80 e1 27 cc a2 0c 1c d8 b8 c1 d9 5d 42 ea bb ce 87 24 a7 b6 2e bd f3 d1 0f 19 85 09 2f 1d b5 5c a8 ad 67 ea 1c 79 97 50 d4 e1 93 4d de f8 9f 67 a6 d8 17 d2 99 fe 85 94 e9 c4 d3 87 4c 16 28 7c 7b ab 13 04 1a 47 31 6d ce c4 3d 55 e7 8b dd ac ce c7 f9 cf 71 4f 74 8a 33 9e e5 1c ce f5 fc 38 dc 11 27 f1 7e fc 4b e7 c4 67 92 48 b5 38 37 64 c3 9d d9 79 51 93 76 3d fd 92 88 70 ef c6 86 f6 8e b6 fb 9f de 66 ef 3a f7 cc 5f 69 b1 55 4b 47 60 88 56 24 37 36 2a af 6e 6e a7 ab 13 8d 8a cd 34 4a d9 eb 4a 72 a9 f6 ce 79 e7 20 dd 46 c6 3e 26 b2 84 4c eb fb 79 3d ae 97 d3 f1 f0 f6 f5 cb e3 dd 6d 7b 75 79 71 be b5 b9 ba b2 bc 90 1e 1f ee b7 c3
                                                                                                                                                                                                                                        Data Ascii: 3C,l'\8VlkW>&W01']B$./\gyPMgL(|{G1m=UqOt38'~KgH87dyQv=pf:_iUKG`V$76*nn4JJry F>&Ly=m{uyq
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 01 28 25 a7 66 ff fa 17 5f 7e 78 3e 64 5f cf 14 48 99 cc 70 ef ce fc a2 bd 80 5e f1 02 a0 a8 2c fc 99 74 ce 14 c1 a5 e0 0a 9d f0 04 77 68 88 e5 23 91 1c 38 fb e7 fb 4c 7c 08 da 8e 79 42 0f 34 3d 48 c9 c4 2b 01 b0 75 a8 73 f6 61 9b a8 5e 01 80 75 77 b1 7b a4 b2 ba 45 86 6b 21 4a 13 98 98 29 73 cc cc 2a 43 66 66 9a 0d 79 c6 5e 2d 8d 68 9d 65 a6 6d c1 c6 36 48 d8 01 c9 38 dd 98 ef 0e 63 0f 6f 64 13 8e ec f8 7e 32 30 a8 41 ce 91 42 84 4b b4 9e 1a f9 6a ae 91 11 08 37 cf cc c1 36 63 15 a1 6f 17 c2 59 2e ae 67 10 e3 b3 2a 13 ff 00 81 84 d0 75 f7 e3 7d fd 8a 3b a5 e2 b7 4a df 21 ea 38 a0 c1 0b 6e f1 23 0c 38 b7 b8 dc 0e 38 e1 12 fb 44 93 e4 fb 43 46 d8 f8 31 18 83 e0 1f 29 00 5a b5 04 ff ad 4b 2e 4f b7 26 13 e3 2f e2 c5 e9 98 04 9f 88 4b fa f8 7c b5 7d 3c 2b a5
                                                                                                                                                                                                                                        Data Ascii: (%f_~x>d_Hp^,twh#8L|yB4=H+usa^uw{Ek!J)s*Cffy^-hem6H8cod~20ABKj76coY.g*u};J!8n#88DCF1)ZK.O&/K|}<+
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: b2 f3 63 df 1f ae 31 4b 27 6a 92 51 06 29 ad 33 28 34 8a 42 9f 0f 6f 2b dd 99 de d5 5a a7 d5 88 68 95 a6 4a 58 2e 2a a1 0e dd 1c 5b cb ed c1 0d cb 01 6f fc 33 80 1b 73 cc f6 32 61 cb 1b 86 6f 09 18 54 5b 0d ca ea f2 34 8d 68 28 ab 62 74 51 7c 56 8a 6c 0c f8 92 95 70 20 f2 88 a4 82 10 89 8f a6 00 40 3e 7c a7 c4 88 f2 8c 05 28 74 47 2b 54 40 65 b7 46 1d e1 fb 51 16 15 4f f6 11 a4 76 a7 ea 6f 0c 17 27 de 2f 1c e0 02 01 e8 2e dc 14 d0 3b e9 a9 c0 f9 ea 85 36 c5 a5 33 cc 02 04 21 c5 12 52 c6 d0 6c d0 cc d6 ea 44 4d 4a 14 f4 1e a8 0f c1 47 6a cc 74 d0 e2 ea 46 f6 4a 5b cc a2 01 31 b0 b8 d4 18 bf 25 3a 09 9c 06 c4 79 4c f5 ae 76 81 55 c6 af 6e c7 79 9e f9 b4 ec 24 c5 dd b8 10 4f ee 26 55 cf 4e 0b e1 5f 06 2e 5c 7f 5a f2 ca 20 ab a4 5e 29 a8 ff 71 2d fb cc 83 15
                                                                                                                                                                                                                                        Data Ascii: c1K'jQ)3(4Bo+ZhJX.*[o3s2aoT[4h(btQ|Vlp @>|(tG+T@eFQOvo'/.;63!RlDMJGjtFJ[1%:yLvUny$O&UN_.\Z ^)q-
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: b7 30 83 a3 28 5b 96 2b 49 c9 d3 b5 1e 38 f7 a1 8b c5 77 2a 1c df d1 b8 46 22 62 04 e5 01 c8 ff 8c 61 e2 36 75 60 b9 a9 75 5d bb 05 0d 48 d3 62 8a 49 c1 c8 5f 46 06 7b d8 b2 55 de 2b 92 85 74 1f 57 25 22 15 f1 6c 12 cb 52 5f ea 00 13 1c ca de 80 50 02 af 06 79 99 e9 75 7a 2d 7b 5d a2 21 26 61 da 20 56 3c 0f ec 22 0a 29 7c a0 05 08 27 57 e9 f8 a2 7f af b0 bf 81 65 02 05 d8 53 d1 bf 92 56 b5 a9 c7 41 19 e0 00 a0 92 08 cd 45 66 14 ee fa b7 ad 40 bd fe 1d 27 e1 72 f2 5b e0 7c e3 79 28 cd bf f0 2c 59 ac e3 d5 27 2d ac 74 db fc d3 04 d9 b7 64 f8 d6 c0 0c 3b a0 fe 1f d6 2e 7d eb f3 df 01 56 bc fd 49 a5 57 45 d1 d5 8e 06 07 fb c3 be 6e d6 ba 57 84 3e 77 b4 d9 a9 94 94 85 a6 a5 25 aa 60 dc ef e8 71 98 77 8f ab 3a 7a 5c 9f 42 1b c0 d1 a5 7b 45 e0 ee 20 b6 fd ba 78
                                                                                                                                                                                                                                        Data Ascii: 0([+I8w*F"ba6u`u]HbI_F{U+tW%"lR_Pyuz-{]!&a V<")|'WeSVAEf@'r[|y(,Y'-td;.}VIWEnW>w%`qw:z\B{E x
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: dd b8 db 7f d7 a1 12 1d e0 b9 1a 4d e9 e5 6c 75 59 58 3a c0 12 2e 18 ab 34 36 e5 91 0a 3f df fa cd 74 6d 93 6d ec 21 0c 44 d4 e0 3b 7e 2e 33 e5 49 4f 15 cb 6e 1e 99 29 e1 5c 55 74 e4 80 67 aa 66 60 d2 ce 99 26 b0 49 e6 c6 75 0c 1a 1e 83 9b d3 a5 9b bc eb 4f a0 83 9a e9 fd 65 99 53 fa d2 47 df 21 99 79 32 2c 1a 5b 93 47 dc 87 07 18 4c a0 2d a2 04 59 dd 52 b8 1b 7d 92 72 46 43 18 16 6c 90 8e 10 6b 06 a9 42 65 c2 43 31 55 d1 0d 53 98 c5 37 7e ce 4d cf 21 95 aa e8 44 cc 89 95 ba 85 26 96 6b 82 66 36 6d a4 ac 82 b6 27 bf 84 f9 4f 98 f5 4a 52 76 91 61 9e 45 f3 00 2f ec b7 16 cc 29 36 a7 32 c5 76 89 f8 e7 92 bd 18 cd b3 ad 89 af 6c 75 3e f2 ea 51 92 d7 ad 91 59 51 0b 49 bc 95 24 50 02 17 22 8f fc 7d af 0b 83 3a 0d 69 25 e6 e3 01 c6 c7 c9 56 e3 29 7a a4 cf 80 e7
                                                                                                                                                                                                                                        Data Ascii: MluYX:.46?tmm!D;~.3IOn)\Utgf`&IuOeSG!y2,[GL-YR}rFClkBeC1US7~M!D&kf6m'OJRvaE/)62vlu>QYQI$P"}:i%V)z
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 29 ea 1f 8b 63 b9 6e 12 80 dc a5 c2 a6 c6 87 1c 36 34 fb 36 8d 5a 5b 79 f6 b5 b0 6d 4a 0f 9d cd 26 cf 0d e0 3c 7c ee d5 d0 31 9e a4 9d eb 51 1f 92 81 2e 18 c0 d4 e9 05 94 2d 14 93 7b 06 ce 09 7f 81 c0 f4 98 b3 c6 17 9b b7 3d ca d7 ab 4a 6b 62 a1 bc c9 43 24 3a 65 73 96 c1 73 5b c6 b8 6c c1 d4 a7 ff 43 c2 e9 a7 9a 13 4d 32 fa 0f 79 8d 71 e3 0b fa 75 8f ed 02 b1 3d bb 3f 2c d7 0a 2a 99 ae eb c0 2b eb ec f6 be 39 06 fb 54 2b 9d 13 fb 1e ff 4c 8d 43 b3 2b 76 15 24 98 71 80 63 12 52 83 ee 1c 37 b0 8e 23 3a 89 59 ab 7f bf a0 81 a3 fe 5e 67 0b da fd 31 b3 65 fd 1d 5e 79 28 b5 e1 1d 35 af fa ca e8 5f ca 35 fc b8 d6 a8 7f 52 27 70 e8 c6 6e 93 e1 63 39 6a 8a f9 ea 11 e3 bc 6e be 39 7f d1 9e 39 66 36 3f 36 ce 1d 31 8f fd d0 b8 5c 30 ce 1f 35 6a 3f 32 5f 3b 6e 9c 3f
                                                                                                                                                                                                                                        Data Ascii: )cn646Z[ymJ&<|1Q.-{=JkbC$:ess[lCM2yqu=?,*+9T+LC+v$qcR7#:Y^g1e^y(5_5R'pnc9jn99f6?61\05j?2_;n?
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: ee e5 6f b8 ff f3 de 40 3e 31 02 a7 73 ad b7 8b af 2e 70 bd be 9e f9 18 b0 e3 01 25 1d b8 d9 65 6e 0a 2f a7 5c 5d 80 ad 21 86 84 ea eb 88 a5 4e a7 a1 a0 73 44 a8 95 d0 a3 60 b9 d7 5b a7 98 49 36 07 86 c5 f2 9d b9 18 a1 82 13 f4 5f a8 71 b1 6c c7 8a 8e 85 0a 44 d5 15 9f 01 10 bd 4f 00 74 48 e0 ed 16 cd 03 65 71 f7 e0 3c 4a d8 8c 10 f1 b4 ae fa 03 43 65 1c b7 d5 ec 74 89 0c e2 fa 66 02 52 a3 68 f8 16 1f db ec 40 4d 53 9e 1d 01 6b 60 8a f1 72 17 11 30 01 c6 3b 1b 26 c2 46 d9 de 76 f3 0e 81 b4 61 16 7c ad 01 a9 b4 44 b0 7d 42 a0 03 67 ef a1 06 b7 7b cf d6 fb b0 d5 10 7a f5 8c d3 8f d2 c5 12 86 79 7f 2f 5d 68 f8 70 f0 64 28 a7 33 13 1a 97 22 59 3d bb 64 df a5 61 49 96 b8 fb 2b d7 82 14 94 e7 a1 6b 5f 7e 63 98 20 c6 fb ab 6f 45 e2 d6 0b eb fe 87 ef 58 43 bf b9
                                                                                                                                                                                                                                        Data Ascii: o@>1s.p%en/\]!NsD`[I6_qlDOtHeq<JCetfRh@MSk`r0;&Fva|D}Bg{zy/]hpd(3"Y=daI+k_~c oEXC
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: a0 27 e4 34 f3 76 48 19 e4 e5 e7 5a bc ba b1 b1 a2 bb d7 d7 e2 d6 f1 44 42 36 29 2f 32 bf 70 91 5e 8f 0c ad 6c a6 75 a4 78 81 9f a6 21 bf ca 75 79 44 9a c3 b3 ce 04 2a 2d 23 cc 62 9e fe f7 1a 23 81 d7 0a ac d9 b0 90 90 67 89 a0 8d 9b 4e 06 b0 84 ba df 32 60 de c1 15 a0 df 6b ff a2 3e f9 03 7f 53 2b 47 d1 22 8a db 51 77 32 9d e5 fa 86 4e 8a 35 d0 4c a4 53 fa 9c fb a5 77 1f 9d 91 8c 70 f0 7e 6f 51 c4 ba 77 43 25 8e 4b fa be 74 86 b0 c5 96 c8 fa 9e 3e e9 1d 99 3a 17 06 78 4b c6 52 6d f0 ba 00 3c e9 f8 f9 0c 1a 53 2b a1 27 4e e7 22 ae 9f ef 4d 61 2d 15 05 6a f7 4f 21 e7 9f 39 22 ea f6 5c 5e da 22 cf da 61 5a 72 40 d8 1b 24 ab dd c0 e2 db 0a ea 2c 3d 2c 8c 0d 08 70 26 eb 48 77 24 20 96 03 2d b3 d7 ac 13 7a f8 8a f3 a6 bc fc ec 7b e2 07 9a 66 0b 49 ae d7 d3 d2
                                                                                                                                                                                                                                        Data Ascii: '4vHZDB6)/2p^lux!uyD*-#b#gN2`k>S+G"Qw2N5LSwp~oQwC%Kt>:xKRm<S+'N"Ma-jO!9"\^"aZr@$,=,p&Hw$ -z{fI


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        59192.168.2.449804216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178124162&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=4601 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        60192.168.2.449805216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1684OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178124162&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        61192.168.2.449809104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC880OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC768INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 75368
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: "ff8d5-12668-615e2e3b4a63d"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 7005
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLdVlK8BK%2BNtYyVWMqufPAtcT%2Fg6s5oA1NF53JUYvuK0d2bFCmshXMLZg51%2BHNr1fM%2BvogrjWhF9F3diPyy9XBeraD0Jy%2BpiYUPYKWMpAXZfLUG%2FBWOsYJwwuXY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb99ed11c46b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC601INData Raw: 77 4f 46 32 00 01 00 00 00 01 26 68 00 0d 00 00 00 01 fe 28 00 01 26 0c 01 4a 7f 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 1e 06 60 00 8b 32 11 08 0a 87 a4 6c 85 da 76 01 36 02 24 03 8d 50 0b 86 6a 00 04 20 05 8b 05 07 a8 47 5b df 94 71 27 d6 40 76 ca 1e 16 56 ea c6 80 32 32 fd 9d db 2e 34 cd 64 ba b9 53 6e 87 db f3 a2 e6 8e 82 e3 3a 6c 1c c0 66 96 a6 b2 ff ff ff ff fc a4 11 63 db 26 6c ff 1c 02 aa 61 94 55 55 d2 b0 08 59 05 e6 34 c3 09 ec 20 6c f4 29 0d 13 d2 50 33 9b ce b2 49 8f 61 a9 c2 5a 93 9c 31 63 93 7d de ce 68 dc 75 17 17 b2 30 59 98 8c 05 fd a4 e2 62 9f 62 36 6c b3 0d 9b 6c b2 95 61 d8 be e6 66 51 a7 b9 8a ef e3 9d 5f 0a 9d f7 d1 05 8b ba 0c b7 8c a7 49 c3 ea 01 ab 57 18 37 65 6d dd 73 88 fe f6 ee b0 11
                                                                                                                                                                                                                                        Data Ascii: wOF2&h(&J|?FFTM`2lv6$Pj G[q'@vV22.4dSn:lfc&laUUY4 l)P3IaZ1c}hu0Ybb6llafQ_IW7ems
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 7f 6f ee 7b 6c 6c 00 07 38 18 7a 69 5d 34 d8 39 37 c5 3a 60 28 2b 54 fb 34 ca 8a c0 b7 e8 03 ca 81 de b1 67 f0 c5 6c 31 a5 b0 3b b6 bd 61 d1 be f6 5a ea d5 b2 37 2b 23 e9 eb 72 00 c8 3c 26 85 0b e8 72 71 03 f2 9b 76 d3 99 79 0a 97 2d 69 77 9d 23 4a c5 ef 32 32 40 1e 98 67 68 f5 a1 0c f4 65 25 21 c1 b8 ba 21 fd c4 3c 44 b9 f7 b7 77 49 5e 29 dd e1 4a 97 30 fe 6b b4 c0 48 bc 40 62 f3 7f b5 d4 ff ee 78 d7 6d ef 1a 6c 19 58 32 87 c0 f4 00 03 d8 10 f8 ec f7 4f 36 db aa bf ac da 5e 68 18 69 0c 0d 03 82 28 1e 10 5a 01 cb 98 f0 c0 87 25 86 c3 e0 bc 90 47 1c 44 34 dc cf f6 76 26 4d 43 17 ff e2 49 77 fa fa 14 dd 20 b6 0c 4c 18 16 b2 81 ff fe e7 de 3f bd f2 a6 92 41 e8 ae 5a 40 f9 d0 b8 0a bb c7 26 76 26 50 fc 00 68 7c 01 0b b8 ed 2a cf b2 d8 23 0b 18 7f c9 9f d6 4b
                                                                                                                                                                                                                                        Data Ascii: o{ll8zi]497:`(+T4gl1;aZ7+#r<&rqvy-iw#J22@ghe%!!<DwI^)J0kH@bxmlX2O6^hi(Z%GD4v&MCIw L?AZ@&v&Ph|*#K
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 41 6b fd 63 ee 66 64 86 a6 6b 3c 23 19 c1 74 cc 21 53 63 aa 0d dc 59 fc 01 09 3a a8 4d de 9f 63 d3 6d bd 8f 1a 7c 89 ca 48 b0 3b 9e f8 e0 9f 7f 52 19 ff 6f d1 17 85 0f 00 00 f0 36 00 63 16 c0 f5 6f d2 30 fc fa 7c f8 ea 6a 7f a6 07 18 bd 63 6b 80 57 cf 0b 19 01 f4 da a2 12 97 41 50 64 11 0d b1 e4 b0 78 a2 7b 22 43 9f 19 6e 82 0c 52 d9 f5 c8 01 64 ef 83 84 e0 3d 74 09 a0 c7 53 8a b4 66 e8 85 50 a0 3a 2c 09 9e 6f 64 2a 29 22 85 00 a0 69 e7 e2 1d 36 07 35 cb 90 69 19 14 48 16 4e 20 21 62 a1 0d b2 2b 22 e6 de 0d 89 85 58 2c a0 7a 60 64 55 24 b3 c2 f3 19 8b e3 32 5a 00 89 74 0a 43 21 e4 8b d5 5a 1c 96 a3 0e c8 ec 85 44 c6 4a 2d 51 18 f8 84 0c 01 43 18 ad 60 e0 48 99 b3 31 e4 5b e2 76 06 7a 9a 3e 74 62 a3 a8 68 32 5c 21 7b 7f 26 81 20 03 82 1d 09 26 01 e2 ce 67
                                                                                                                                                                                                                                        Data Ascii: Akcfdk<#t!ScY:Mcm|H;Ro6co0|jckWAPdx{"CnRd=tSfP:,od*)"i65iHN !b+"X,z`dU$2ZtC!ZDJ-QC`H1[vz>tbh2\!{& &g
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: a0 d8 f1 b8 0b eb 59 9f 6b a8 d8 01 e0 b0 64 a7 88 35 bb 52 03 b0 5b 74 cf 1d f4 25 08 66 88 7a 45 d1 e0 e9 c8 a5 c4 4b d3 2e 9e b4 57 4e 0a 05 a7 ad 53 a8 4e 65 a4 b9 0b 01 41 aa d6 6a 0b 15 38 60 d0 b6 db 88 b8 78 e1 ff ff fc b0 ca df bd f1 d2 0b fe 7f 86 9f 7a ee 69 4f a8 39 4e 4a bd 27 82 04 2c e9 1b a9 1c 54 82 a2 c5 ce 62 ee 92 47 b5 5c 51 7d fb 44 61 1f 6d b0 76 bc de d5 39 08 d8 e2 6e 61 75 b8 2c b6 06 43 ac f3 33 c6 91 b5 37 4a 83 d6 a7 3b 3e e1 64 f3 d0 a1 fd e8 8a 37 44 6e 72 4f 8b 7a f6 5c 3b fe f0 8a fd f3 2e 3b 77 ba 3e fb d6 15 9a 61 5d 9e d8 b0 6c 2e 85 7a 10 2b ef b5 1b c6 62 49 91 72 03 e3 0d 00 69 d7 bb 42 d7 66 45 7a bb 3d da de 2a 5a 3b 19 0c d2 fc 19 a9 1a 8b 6a 28 45 34 19 36 58 89 72 c4 d8 60 42 ba 68 50 3c d0 10 ad 93 10 52 1b e1
                                                                                                                                                                                                                                        Data Ascii: Ykd5R[t%fzEK.WNSNeAj8`xziO9NJ',TbG\Q}Damv9nau,C37J;>d7DnrOz\;.;w>a]l.z+bIriBfEz=*Z;j(E46Xr`BhP<R
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC1369INData Raw: 09 10 20 c3 8e 39 69 05 7c 34 27 52 c4 35 df 31 6a 31 19 4d 66 19 5c 59 85 af 39 a1 3f b1 7c 43 11 8d 5c 52 dc 3d fc 7b f1 59 21 12 72 a1 f5 9d f2 55 6a 63 b7 b5 7c a5 39 a1 9d 46 8e 96 4e 15 12 35 46 7b d3 aa 06 1c d6 ed 6b aa 9e 82 81 a6 05 ba 1f 2f 6e a4 c0 84 66 85 7c b7 28 47 0c 1e a3 12 6a a1 b3 51 94 a9 5d 33 b9 92 67 46 d0 08 f0 e9 2f cb 37 3f ea 8e ca 7a b9 37 3b 33 ea 15 3b db 04 35 47 db c3 4b 43 48 81 99 c5 af c0 e9 99 b4 29 35 54 04 69 9e a3 f0 7b 6a 96 38 60 6a 48 95 00 87 5c ff 56 8e 22 4a 32 a5 8b 09 c7 0e 44 fc 88 44 7d c9 df 9b 97 02 8b 80 c0 9b 4d 53 92 d0 01 11 46 e5 53 b8 f3 d4 ce e1 82 83 74 27 4a 62 37 c6 f3 dc 42 59 51 7c d0 22 34 3f b2 7c 00 92 97 8e 45 01 8f c6 a0 0a 42 30 c9 74 8e e7 64 31 93 70 55 6c 99 45 02 a8 cc 48 46 75 ec
                                                                                                                                                                                                                                        Data Ascii: 9i|4'R51j1Mf\Y9?|C\R={Y!rUjc|9FN5F{k/nf|(GjQ]3gF/7?z7;3;5GKCH)5Ti{j8`jH\V"J2DD}MSFSt'Jb7BYQ|"4?|EB0td1pUlEHFu
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 15 17 3f a7 ae cb 68 9d 70 74 2e 09 6d db 5b db b8 75 11 aa b5 88 d8 05 ac 0c 6f 9f bb 2a 7c 0e 37 a6 56 5c e7 51 2f 12 01 70 0d 8e 10 68 f4 8c 70 e8 12 b2 38 62 71 df 74 a7 11 bb 65 dd b1 12 62 3f 8b d8 9d 08 e4 c8 f1 c0 d7 2b ed e8 ac a5 3b 23 c3 6b 23 19 3f 5e 23 b3 38 6e 4d 86 7b 12 b5 e5 dc 68 d4 12 4d 4d 98 fc 38 47 ab 5e 59 38 d8 30 da eb c4 6b 6f 21 de 54 5f 01 f5 97 8c 28 25 26 7d 80 d2 5b e3 d9 8e 1e bf 50 ba 74 3e a8 72 d3 ea 6e 72 3f bb 1b 3f f8 15 5b 7a fc 9d 36 b7 7d bc 7c fc d3 72 4a a0 ea 26 29 a9 15 91 1e 85 7e d1 fc 87 e2 51 bf 01 95 1a 99 ab b8 80 d6 00 36 21 30 a9 66 f9 94 a2 97 98 44 1c db 3c de 43 99 5f 7d d8 f9 e2 5d f6 54 16 f1 66 50 c1 80 ca 76 40 2c a8 55 04 b9 e6 71 ec 89 71 88 70 ac 1e eb a8 06 91 53 2b eb c4 38 a0 87 87 44 08
                                                                                                                                                                                                                                        Data Ascii: ?hpt.m[uo*|7V\Q/php8bqteb?+;#k#?^#8nM{hMM8G^Y80ko!T_(%&}[Pt>rnr??[z6}|rJ&)~Q6!0fD<C_}]TfPv@,UqqpS+8D
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 15 38 c0 3e 40 3c ac b0 06 9a 81 ce 30 c3 16 00 5b 5c 22 a3 79 74 12 00 9e 55 66 08 60 05 7b 47 a7 59 65 f2 7b b9 a6 33 5b fc 52 87 38 a3 67 0a 21 92 d6 1e 7c a4 53 2a 34 9f a6 f4 24 12 de 51 ca a7 d8 fd 6f aa dd 78 99 ad 93 31 35 db ef 90 b9 98 e2 31 a0 43 41 62 ad da 3a e0 b2 25 9d 84 70 ab 5e 13 a5 1d e9 c5 32 80 b3 e9 00 1d fc 5e 90 7d 51 df 46 1f e1 05 2c ba 29 08 02 65 2f ce eb da c1 2a 16 35 22 45 e2 65 4d 6d 24 34 9a 2c 4e eb 13 95 6b 95 b2 46 3c 0b 82 e3 97 d6 11 ed 14 c0 2a 72 c7 ec 8b 20 f3 f8 da eb 9d 24 4b b8 1f fd 11 a0 2a 22 c8 63 49 e4 dc a3 d8 e6 b5 d3 91 8e 84 20 86 f2 e2 e3 9c db 92 da 10 52 8d aa 61 8c b8 35 32 fc 47 01 d5 0f 24 58 04 19 bb 53 43 98 4f c4 ec 80 c1 87 cb 29 c9 50 dd 05 a6 55 31 8b e6 65 a6 2b 95 9e 84 12 96 df 78 57 0a
                                                                                                                                                                                                                                        Data Ascii: 8>@<0[\"ytUf`{GYe{3[R8g!|S*4$Qox151CAb:%p^2^}QF,)e/*5"EeMm$4,NkF<*r $K*"cI Ra52G$XSCO)PU1e+xW
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 80 d7 6e 34 d6 b5 36 27 68 7c 4a db c3 18 65 36 52 cf a1 a9 1c 9e 2f 26 63 46 48 80 68 69 02 07 45 49 fd 1f 76 d2 d5 2d f0 a5 49 15 c2 2e 0c 1b 97 59 9e 67 52 56 81 ab b5 87 ea 5d 8e 5c b8 a8 d0 6c 58 f3 7c fe 2f f2 e3 a3 77 85 30 fb 79 34 17 2a c4 8a 21 bc d2 cc 03 71 60 35 8b de c0 7a 56 76 b2 fb 80 dd 88 d0 2c 9b 62 71 5e f8 2d 85 72 0d 3b 6d 17 8c 38 60 15 56 3a cf 12 ae 8d 11 e0 d6 5a 8a cb 48 c6 74 98 0e 10 27 b5 d4 37 0d 60 c4 c0 28 18 94 0b ef 9b 49 81 8c ad 6c 86 b5 5e 72 f5 ac 16 e9 34 27 dd 19 a7 d9 a7 85 8d eb 40 40 ba 86 cc 64 9a da 40 e2 c2 6f 74 55 b8 bf c6 c0 11 cf f3 56 03 32 10 2c c8 d9 7f 9a 78 4c f3 17 11 e8 b6 44 cf c4 d6 cd ce 20 97 3f 7d bc 95 6b 54 51 14 b4 01 5b 13 75 af 8b eb 03 fe 0d 1b 8a ee 48 a2 06 e0 a0 a9 29 5a 68 b3 0d c0
                                                                                                                                                                                                                                        Data Ascii: n46'h|Je6R/&cFHhiEIv-I.YgRV]\lX|/w0y4*!q`5zVv,bq^-r;m8`V:ZHt'7`(Il^r4'@@d@otUV2,xLD ?}kTQ[uH)Zh
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: eb 37 02 41 4e 01 8c 47 15 97 d0 78 13 0a b8 19 e8 10 d9 58 0d 03 30 5b 54 37 e5 1a 17 e7 55 18 ca a1 0c 22 a5 21 5a 29 f1 99 68 f9 e9 1e 56 0a 9c d2 79 35 5f e3 69 fc 91 c7 39 0d 1b 14 f0 79 d8 87 b1 19 ad e5 af 05 1f 01 57 75 56 c4 8c e8 51 0f 01 da 8e 26 d8 b0 d8 37 7b 13 26 12 5e 82 d2 13 af a5 b6 8d 66 5c 1d ef a8 e0 23 be 38 64 37 ee ad 6a b6 62 31 e8 c2 d1 97 af ce 74 3f 2f 74 20 94 97 63 72 97 24 bb 37 72 d3 b1 a4 7c f0 9e b9 86 29 d3 0c ee eb c0 6d 1b bb cf b1 4f c2 1b 6a a8 1b 21 14 63 33 3d ef 09 0c 9e bb fb 1c 65 59 10 5c 8c 86 c6 2a 31 0b 12 9f 57 0b db 9a c4 d8 98 5d 36 f7 85 36 f9 54 6f a4 fc 7f 0f f7 04 66 81 51 fa e0 c0 6c 2e b4 c7 6e 0a bb 2f 1e 6a ef 7d 10 77 1d 75 ba 6e 05 16 8a b9 7b a5 69 fa 1a 47 4f 3b 8f ac 18 76 0b ef b3 15 2e 3d
                                                                                                                                                                                                                                        Data Ascii: 7ANGxX0[T7U"!Z)hVy5_i9yWuVQ&7{&^f\#8d7jb1t?/t cr$7r|)mOj!c3=eY\*1W]66TofQl.n/j}wun{iGO;v.=
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 4d 92 99 c5 88 36 6e 7e 91 2c c7 9e 93 53 c1 3d 05 58 2e 23 80 94 ba 58 44 e7 8e 2d a7 10 75 26 18 2d 2a 97 db f3 58 10 39 e2 3a bb 04 98 5d 20 40 dc 06 5d 8c 10 00 79 5d a1 9c 0c 8c 4c 39 17 dc 8a 6d 05 c5 23 53 9a d2 bd f1 26 20 3e 17 bd 10 95 cc d6 b2 92 aa fe ce a6 d6 75 0d 80 b8 06 a0 97 d5 41 f7 4b 61 20 04 fd d5 cb 29 92 60 5f c4 cf 7f da ca af 90 62 da d1 50 e2 08 e6 29 ee 6b 3a 2b 64 c0 2a 19 d2 fe 05 1e cd 77 bb 27 e1 ec 80 b5 98 ac fe 32 09 b9 e1 70 22 53 ee 99 db 9c b5 7b ac 4d f2 8c 75 e2 a1 e9 e4 f3 7b 03 3a 2b 5e 49 b5 70 44 7d ce 2a c4 14 61 6d 06 01 a3 10 25 cc b7 db ec 56 9f 45 a7 f9 aa 56 50 5d 2f 35 a9 f3 52 79 fd 23 2e 0d 30 cf da 43 c2 8d 58 42 31 d7 65 15 44 ec ab 68 99 36 6f 1e 5d 3a b9 3e 73 d3 9e 10 b3 99 b8 3d c0 63 06 c5 cf f7
                                                                                                                                                                                                                                        Data Ascii: M6n~,S=X.#XD-u&-*X9:] @]y]L9m#S& >uAKa )`_bP)k:+d*w'2p"S{Mu{:+^IpD}*am%VEVP]/5Ry#.0CXB1eDh6o]:>s=c


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        62192.168.2.449806104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC837OUTGET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC962INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:28 GMT
                                                                                                                                                                                                                                        Content-Type: image/webp
                                                                                                                                                                                                                                        Content-Length: 112
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: origFmt=png, origSize=216
                                                                                                                                                                                                                                        Content-Disposition: inline; filename="pricing-line.webp"
                                                                                                                                                                                                                                        ETag: "103ac7-d8-50cdb39a46700"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 00:41:48 GMT
                                                                                                                                                                                                                                        Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3220
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MX8UpZs5n5BHLM8C68UMQJMBlnrv2hGksKq19EM5bnhkANwQumTFWBOtJodlZAzXU%2F1V7ZoK2Q8330ySQ5bwQFli5pH2C6oakGOIo24YrYA%2FhCbUTVeFr0ClhDk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9a1e771977-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC112INData Raw: 52 49 46 46 68 00 00 00 57 45 42 50 56 50 38 4c 5c 00 00 00 2f 1b 01 00 10 cd 00 04 e1 ff db 43 44 ff d3 0a 36 6d 23 09 5a fe c8 0e d8 b7 df 27 99 08 85 6d db 20 c5 ff 1f 1e e4 13 70 a4 ea 94 7a 06 2e 6c 1b 1b 57 d8 70 70 44 34 ed 60 11 45 10 10 10 bf bf e7 23 20 20 28 72 47 9a 65 de d6 da b6 9b b1 01 8c 8d 6d 6b 65 aa 07 c1 a3 90 04
                                                                                                                                                                                                                                        Data Ascii: RIFFhWEBPVP8L\/CD6m#Z'm pz.lWppD4`E# (rGemke


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        63192.168.2.449810104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC843OUTGET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC977INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: image/webp
                                                                                                                                                                                                                                        Content-Length: 2550
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: origFmt=png, origSize=2914
                                                                                                                                                                                                                                        Content-Disposition: inline; filename="bitsum_logo_transparent.webp"
                                                                                                                                                                                                                                        ETag: "fc9c7-b62-5477ff47bc7e3"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 01:08:36 GMT
                                                                                                                                                                                                                                        Last-Modified: Wed, 01 Feb 2017 22:56:11 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1613
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eacP7e4RL7b%2FYOxlpNMhlWatu3rCFjEYzij3jsuZijb26j6oayalrzkZBX5%2BWNzFJXaavBJtKXsllvbNbZ8RGmH9poXkOyj8MsYvf3pjmHS7l5sw3w3V3J%2BEoYU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9a3a06726f-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC392INData Raw: 52 49 46 46 ee 09 00 00 57 45 42 50 56 50 38 4c e2 09 00 00 2f 10 c1 18 10 7f 05 39 92 24 49 91 17 b7 54 e8 2f 0e 4f d8 ed ca 54 c3 6d 6c db aa b2 bf e0 92 b9 b5 4f 33 84 74 41 e4 f0 e4 9c 0b 4b 92 6c d3 56 ad 7d 6d 7f 79 c6 77 92 78 f6 db c6 82 5b db b6 aa 6a e1 ee 52 02 11 05 30 c8 dc 29 81 41 01 94 40 23 44 0c 52 77 52 7a b0 9c 90 ef ae d7 08 40 43 6f e0 19 48 20 c0 3f d0 40 81 7f f0 01 14 50 40 82 3f 20 80 02 12 68 a0 80 00 06 18 20 80 00 12 28 20 81 00 06 fc 83 5f f0 0b 34 90 40 81 7f f0 07 be 81 00 06 18 a0 5a f3 5d 84 5e 7d d2 6f 97 0d eb d6 d4 3f b4 70 4a 75 57 ed 8b f5 6b 53 4c 24 ac 7f 7a b9 9c 57 4e 25 57 fb 8c a2 03 1c b6 5a aa 6e a6 8a 8e 46 74 a5 26 57 23 ec ce df 22 e8 a4 16 47 4a 74 46 d1 93 12 5d 9b ad 6f 4b b6 d7 d1 9d ec 3d c9 83 bf 64
                                                                                                                                                                                                                                        Data Ascii: RIFFWEBPVP8L/9$IT/OTmlO3tAKlV}mywx[jR0)A@#DRwRz@CoH ?@P@? h ( _4@Z]^}o?pJuWkSL$zWN%WZnFt&W#"GJtF]oK=d
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 1b 6a 60 48 12 92 0b 71 e5 d2 57 66 5c e0 8a a6 ed a7 e9 89 6a 20 f6 dd 95 8d e0 9e 51 72 6a 9d 6f 5a c9 e6 b5 a3 02 a5 4b 92 d0 d4 b8 f6 93 e1 e3 60 6e be 93 af fb f9 35 f9 b9 7d 24 7f d7 25 97 ae 97 fb 7f fd f3 ff f1 e7 f7 e5 9a 36 8e 82 b6 6d 18 97 3f ec ee 50 88 88 09 80 34 f2 39 da ff ff 7f 4d 23 e9 bb bb e7 ae bf b9 df b1 d3 4e 61 4a dd 05 aa b8 86 60 0d 71 02 61 dc 5d aa 04 92 0a a5 65 ac 36 ac fe 91 84 96 0a 17 ce 3f df 88 fe 4f 80 24 db b6 d5 36 fa ef 8b 65 66 06 31 a4 c8 03 a8 5e ad 9a ff 9c 04 f5 0c fa d5 bd 2f a2 ff 13 80 fe 8b 7b 67 eb e1 fe e7 3d 2d 86 81 cf ef 99 5a 0c bd 8f 01 b5 1c 4d 2d 05 5c d3 52 34 3b b6 bb 5b 0c 8b a5 19 d4 62 b4 da c7 5b 0d 2d 49 e7 62 cb e1 8d 0d 7a 2c 2d 85 f1 b2 ad fb de 63 53 cb c0 8a 60 f1 ed c8 cb 2f ef a1 96
                                                                                                                                                                                                                                        Data Ascii: j`HqWf\j QrjoZK`n5}$%6m?P49M#NaJ`qa]e6?O$6ef1^/{g=-ZM-\R4;[b[-Ibz,-cS`/
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC789INData Raw: f9 c1 35 39 23 89 1c 93 a2 92 71 cd 67 47 ba 6f 66 da 6b ac 08 ac 47 71 32 02 44 38 14 f0 4d 1a a4 ce 07 57 b3 19 49 e4 19 9a 4a c6 a2 3e 9b de 54 a9 b7 66 1c 01 7c d8 8b 91 51 92 08 69 be 29 a3 74 ff 6a 36 93 16 05 8e a1 12 f1 d8 46 9d 8e f2 ce 00 82 8e 2a 02 cb 87 64 22 16 8f 62 22 e4 9b e9 b8 d0 f6 8e 17 3e cc 00 1e 5f 93 75 58 9a 8a c7 de 3d d7 83 61 c7 9b f9 99 ea 20 02 6b 82 4a 26 62 f1 68 24 ac 15 ba 2f b4 15 01 a5 21 7c b8 ae 07 0c bd 10 87 a3 4e 3d 30 0f db 16 cd 08 60 70 3f 45 25 13 31 32 12 d6 b6 06 2e bc ca 10 5e dc c8 ea b1 74 6a 21 fe 7e b0 4e fd 17 07 29 0a 92 89 18 49 04 4b 46 a9 fb 96 20 81 c8 73 2c 43 a7 a8 e4 de d1 49 cc 87 0c 0d 29 2a 99 88 45 42 86 09 2a 8c 90 96 84 3a 64 65 f2 04 cf 6e 30 18 d3 29 aa 46 ed 36 4a b6 7d 56 10 d3 22 4f
                                                                                                                                                                                                                                        Data Ascii: 59#qgGofkGq2D8MWIJ>Tf|Qi)tj6F*d"b">_uX=a kJ&bh$/!|N=0`p?E%12.^tj!~N)IKF s,CI)*EB*:den0)F6J}V"O


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        64192.168.2.449811104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:28 UTC536OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdsAMFdk1HUXCHphXTNwgQ%2FkHejmr%2BspTm3b4ftdPTvNpsvkjdPrVHTKMaZoL%2BkWBoy6CjuZfL593qeCVql4IKBoBpjSja4KcAtBtObgo0sVyH5NwRpLv6z1P30%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9a4e1141db-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        65192.168.2.449812104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC830OUTGET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC792INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 10 Apr 2024 21:49:20 GMT
                                                                                                                                                                                                                                        ETag: W/"1029d5-600-615c502d84b2f-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4801
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8thtkiIPSza2UpYJyUCoB%2BHxfYJbFGE%2BbxX7wtwCtYfXrnFIwmLcEX%2BSwCh1w60CXhTrcKxmzFpE%2F2vsJ0bG%2BSm50OemWxIOQREDgmUGa7fJGv%2BSFHXp808MgTE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9bfb1f8c54-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC577INData Raw: 36 30 30 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 69 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 2e 72 65 70 6c 61 63 65 28 2f 28 3f 3a 28 3f 3a 5e 7c 2e 2a 3b 5c 73 2a 29 65 75 63 6f 6f 6b 69 65 6c 61 77 5c 73 2a 5c 3d 5c 73 2a 28 5b 5e 3b 5d 2a 29 2e 2a 24 29 7c 5e 2e 2a 24 2f 2c 22 24 31 22 29 2c 6e 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 65 75 2d 63 6f 6f 6b 69 65 2d 6c 61 77 22 29 2c 73 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 2e 77 69 64 67 65 74 5f 65 75 5f 63 6f 6f 6b 69 65 5f 6c 61 77 5f 77 69 64 67 65 74 22 29 2c 61 3d 73 26 26 73 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 63 75 73 74 6f 6d 69 7a 65 2d 77 69 64 67 65 74 2d
                                                                                                                                                                                                                                        Data Ascii: 600!function(){var e,t,i,o=document.cookie.replace(/(?:(?:^|.*;\s*)eucookielaw\s*\=\s*([^;]*).*$)|^.*$/,"$1"),n=document.getElementById("eu-cookie-law"),s=document.querySelector(".widget_eu_cookie_law_widget"),a=s&&s.hasAttribute("data-customize-widget-
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC966INData Raw: 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 6e 29 7d 65 6c 73 65 22 22 3d 3d 3d 6f 7c 7c 61 7c 7c 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 6e 29 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 73 29 2c 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 66 6f 72 6d 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 75 62 6d 69 74 22 2c 6c 29 2c 6e 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69 6e 73 28 22 68 69 64 65 2d 6f 6e 2d 73 63 72 6f 6c 6c 22 29 3f 28 74 3d 65 28 29 2c 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 4d 61 74 68 2e 61 62 73 28 65 28 29 2d 74 29 3e 35 30 26 26 6c 28 29 7d 2c 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 63 72 6f
                                                                                                                                                                                                                                        Data Ascii: e.removeChild(n)}else""===o||a||n.parentNode.removeChild(n);document.body.appendChild(s),n.querySelector("form").addEventListener("submit",l),n.classList.contains("hide-on-scroll")?(t=e(),i=function(){Math.abs(e()-t)>50&&l()},window.addEventListener("scro
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        66192.168.2.449813104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC815OUTGET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                                        ETag: W/"10025e-5115-615e2e3b5233e-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3505
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZULDmuB01OtM1YHvH8PozA2sz%2BqdgmcyIrRKbi8jyPoMTVAbgk0yj6nbkVgvYF7W1Zj5o5pFr5W2MwMaiWBjYpITWDMp%2BJj2dypbaYuRCCnbScOdxFCW0h0%2FYeI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9c7c8a42ca-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC582INData Raw: 35 31 31 35 0d 0a 2f 2a 21 0a 20 2a 20 57 50 42 61 6b 65 72 79 20 50 61 67 65 20 42 75 69 6c 64 65 72 20 76 36 2e 30 2e 30 20 28 68 74 74 70 73 3a 2f 2f 77 70 62 61 6b 65 72 79 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 34 20 4d 69 63 68 61 65 6c 20 4d 2c 20 57 50 42 61 6b 65 72 79 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 43 6f 6d 6d 65 72 63 69 61 6c 2e 20 4d 6f 72 65 20 64 65 74 61 69 6c 73 3a 20 68 74 74 70 3a 2f 2f 67 6f 2e 77 70 62 61 6b 65 72 79 2e 63 6f 6d 2f 6c 69 63 65 6e 73 69 6e 67 0a 20 2a 2f 0a 0a 2f 2f 20 6a 73 63 73 3a 64 69 73 61 62 6c 65 0a 2f 2f 20 6a 73 68 69 6e 74 20 69 67 6e 6f 72 65 3a 20 73 74 61 72 74 0a 0a 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73
                                                                                                                                                                                                                                        Data Ascii: 5115/*! * WPBakery Page Builder v6.0.0 (https://wpbakery.com) * Copyright 2011-2024 Michael M, WPBakery * License: Commercial. More details: http://go.wpbakery.com/licensing */// jscs:disable// jshint ignore: startdocument.documentElement.class
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 2c 66 75 6e 63 74 69 6f 6e 28 24 29 7b 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76 63 5f 6a 73 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 6a 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 63 5f 74 6f 67 67 6c 65 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 74 61 62 73 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 61 63 63 6f 72 64 69 6f 6e 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 74 65 61 73 65 72 47 72 69 64 28 29 2c 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 73 6c 69 64 65 72 73 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 70 72 65 74 74 79 50 68 6f 74 6f 28 29 2c 76 63 5f 70 69 6e 74 65 72 65 73 74 28 29 2c 76 63 5f 70 72 6f 67 72 65 73 73 5f 62 61
                                                                                                                                                                                                                                        Data Ascii: ,function($){"function"!=typeof window.vc_js&&(window.vc_js=function(){"use strict";vc_toggleBehaviour(),vc_tabsBehaviour(),vc_accordionBehaviour(),vc_teaserGrid(),vc_carouselBehaviour(),vc_slidersBehaviour(),vc_prettyPhoto(),vc_pinterest(),vc_progress_ba
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 72 65 73 74 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 70 69 6e 74 65 72 65 73 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 6f 2c 73 3b 30 3c 6a 51 75 65 72 79 28 22 2e 77 70 62 5f 70 69 6e 74 65 72 65 73 74 22 29 2e 6c 65 6e 67 74 68 26 26 28 28 70 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 29 2e 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 2c 70 6f 2e 61 73 79 6e 63 3d 21 30 2c 70 6f 2e 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2e 70 69 6e 74 65 72 65 73 74 2e 63 6f 6d 2f 6a 73 2f 70 69 6e 69 74 2e 6a 73 22 2c 28 73 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 73 63 72 69 70 74 22 29 5b 30 5d 29 2e 70 61
                                                                                                                                                                                                                                        Data Ascii: rest&&(window.vc_pinterest=function(){var po,s;0<jQuery(".wpb_pinterest").length&&((po=document.createElement("script")).type="text/javascript",po.async=!0,po.src="https://assets.pinterest.com/js/pinit.js",(s=document.getElementsByTagName("script")[0]).pa
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 65 6c 65 6d 65 6e 74 2e 61 64 64 43 6c 61 73 73 28 22 76 63 5f 74 6f 67 67 6c 65 5f 61 63 74 69 76 65 22 29 7d 7d 29 7d 28 24 65 6c 3f 24 65 6c 2e 68 61 73 43 6c 61 73 73 28 22 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 3f 24 65 6c 2e 75 6e 62 69 6e 64 28 22 63 6c 69 63 6b 22 29 3a 24 65 6c 2e 66 69 6e 64 28 22 2e 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 2e 6f 66 66 28 22 63 6c 69 63 6b 22 29 3a 6a 51 75 65 72 79 28 22 2e 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 2e 6f 66 66 28 22 63 6c 69 63 6b 22 29 29 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 65 76 65 6e 74 29 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76 63 5f 74 74 61 54 6f 67 67 6c 65 42
                                                                                                                                                                                                                                        Data Ascii: lete:function(){element.addClass("vc_toggle_active")}})}($el?$el.hasClass("vc_toggle_title")?$el.unbind("click"):$el.find(".vc_toggle_title").off("click"):jQuery(".vc_toggle_title").off("click")).on("click",event)}),"function"!=typeof window.vc_ttaToggleB
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 6e 74 2c 75 69 29 7d 2c 61 63 74 69 76 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 76 65 6e 74 2c 75 69 29 7b 77 70 62 5f 70 72 65 70 61 72 65 5f 74 61 62 5f 63 6f 6e 74 65 6e 74 28 65 76 65 6e 74 2c 75 69 29 7d 7d 29 3b 69 66 28 69 6e 74 65 72 76 61 6c 26 26 30 3c 69 6e 74 65 72 76 61 6c 29 74 72 79 7b 24 74 61 62 73 2e 74 61 62 73 28 22 72 6f 74 61 74 65 22 2c 31 65 33 2a 69 6e 74 65 72 76 61 6c 29 7d 63 61 74 63 68 28 65 72 72 29 7b 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 26 26 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 74 61 62 73 20 62 65 68 61 76 69 6f 75 72 73 20 65 72 72 6f 72 22 2c 65 72 72 29 7d 6a 51 75 65 72 79 28 74 68 69 73 29 2e 66 69 6e 64 28 22 2e 77 70 62 5f 74 61 62 22 29 2e
                                                                                                                                                                                                                                        Data Ascii: nt,ui)},activate:function(event,ui){wpb_prepare_tab_content(event,ui)}});if(interval&&0<interval)try{$tabs.tabs("rotate",1e3*interval)}catch(err){window.console&&window.console.warn&&console.warn("tabs behaviours error",err)}jQuery(this).find(".wpb_tab").
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 61 72 73 65 49 6e 74 28 24 74 68 69 73 2e 64 61 74 61 28 22 61 63 74 69 76 65 2d 74 61 62 22 29 2c 31 30 29 2d 31 29 2c 63 6f 6c 6c 61 70 73 69 62 6c 65 3d 21 31 3d 3d 3d 61 63 74 69 76 65 5f 74 61 62 7c 7c 22 79 65 73 22 3d 3d 3d 24 74 68 69 73 2e 64 61 74 61 28 22 63 6f 6c 6c 61 70 73 69 62 6c 65 22 29 2c 61 63 74 69 76 65 5f 74 61 62 3d 24 74 68 69 73 2e 66 69 6e 64 28 22 2e 77 70 62 5f 61 63 63 6f 72 64 69 6f 6e 5f 77 72 61 70 70 65 72 22 29 2e 61 63 63 6f 72 64 69 6f 6e 28 7b 68 65 61 64 65 72 3a 22 3e 20 64 69 76 20 3e 20 68 33 22 2c 61 75 74 6f 48 65 69 67 68 74 3a 21 31 2c 68 65 69 67 68 74 53 74 79 6c 65 3a 22 63 6f 6e 74 65 6e 74 22 2c 61 63 74 69 76 65 3a 61 63 74 69 76 65 5f 74 61 62 2c 63 6f 6c 6c 61 70 73 69 62 6c 65 3a 63 6f 6c 6c 61 70 73
                                                                                                                                                                                                                                        Data Ascii: arseInt($this.data("active-tab"),10)-1),collapsible=!1===active_tab||"yes"===$this.data("collapsible"),active_tab=$this.find(".wpb_accordion_wrapper").accordion({header:"> div > h3",autoHeight:!1,heightStyle:"content",active:active_tab,collapsible:collaps
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 65 72 22 29 7d 29 7d 29 2c 6a 51 75 65 72 79 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 6c 6f 61 64 20 72 65 73 69 7a 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 24 74 68 75 6d 62 73 2e 69 73 6f 74 6f 70 65 28 22 6c 61 79 6f 75 74 22 29 7d 29 7d 29 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 3d 66 75 6e 63 74 69 6f 6e 28 24 70 61 72 65 6e 74 29 7b 28 24 70 61 72 65 6e 74 3f 24 70 61 72 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 63 61 72 6f 75 73 65 6c 22 29 3a 6a 51 75 65 72 79 28 22 2e 77 70 62 5f 63 61 72 6f 75 73 65 6c 22 29 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: er")})}),jQuery(window).on("load resize",function(){$thumbs.isotope("layout")})})}),"function"!=typeof window.vc_carouselBehaviour&&(window.vc_carouselBehaviour=function($parent){($parent?$parent.find(".wpb_carousel"):jQuery(".wpb_carousel")).each(functio
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 68 69 73 5f 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 69 6d 61 67 65 5f 67 72 69 64 5f 75 6c 22 29 2e 69 6d 61 67 65 73 4c 6f 61 64 65 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 24 69 6d 61 67 65 73 47 72 69 64 2e 69 73 6f 74 6f 70 65 28 7b 69 74 65 6d 53 65 6c 65 63 74 6f 72 3a 22 2e 69 73 6f 74 6f 70 65 2d 69 74 65 6d 22 2c 6c 61 79 6f 75 74 4d 6f 64 65 3a 22 66 69 74 52 6f 77 73 22 7d 29 7d 29 3a 74 68 69 73 5f 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 69 6d 61 67 65 5f 67 72 69 64 5f 75 6c 22 29 2e 69 73 6f 74 6f 70 65 28 7b 69 74 65 6d 53 65 6c 65 63 74 6f 72 3a 22 2e 69 73 6f 74 6f 70 65 2d 69 74 65 6d 22 2c 6c 61 79 6f 75 74 4d 6f 64 65 3a 22 66 69 74 52 6f 77 73 22 7d 29 29 7d 29 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21
                                                                                                                                                                                                                                        Data Ascii: his_element.find(".wpb_image_grid_ul").imagesLoaded(function(){$imagesGrid.isotope({itemSelector:".isotope-item",layoutMode:"fitRows"})}):this_element.find(".wpb_image_grid_ul").isotope({itemSelector:".isotope-item",layoutMode:"fitRows"}))})}),"function"!
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 74 2c 6f 66 66 73 65 74 2c 77 69 64 74 68 2c 63 73 73 50 72 6f 70 73 2c 70 61 64 64 69 6e 67 2c 70 61 64 64 69 6e 67 52 69 67 68 74 2c 24 65 6c 3d 24 28 74 68 69 73 29 2c 24 65 6c 5f 66 75 6c 6c 3d 28 24 65 6c 2e 61 64 64 43 6c 61 73 73 28 22 76 63 5f 68 69 64 64 65 6e 22 29 2c 24 65 6c 2e 6e 65 78 74 28 22 2e 76 63 5f 72 6f 77 2d 66 75 6c 6c 2d 77 69 64 74 68 22 29 29 3b 28 24 65 6c 5f 66 75 6c 6c 3d 24 65 6c 5f 66 75 6c 6c 2e 6c 65 6e 67 74 68 3f 24 65 6c 5f 66 75 6c 6c 3a 24 65 6c 2e 70 61 72 65 6e 74 28 29 2e 6e 65 78 74 28 22 2e 76 63 5f 72 6f 77 2d 66 75 6c 6c 2d 77 69 64 74 68 22 29 29 2e 6c 65 6e 67 74 68 26 26 28 65 6c 5f 6d 61 72 67 69 6e 5f 6c 65 66 74 3d 70 61 72 73 65 49 6e 74 28 24 65 6c 2e 63 73 73 28 22 6d 61 72 67 69 6e 2d 6c 65 66 74 22
                                                                                                                                                                                                                                        Data Ascii: t,offset,width,cssProps,padding,paddingRight,$el=$(this),$el_full=($el.addClass("vc_hidden"),$el.next(".vc_row-full-width"));($el_full=$el_full.length?$el_full:$el.parent().next(".vc_row-full-width")).length&&(el_margin_left=parseInt($el.css("margin-left"
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 24 28 77 69 6e 64 6f 77 29 2e 68 65 69 67 68 74 28 29 2c 28 6f 66 66 73 65 74 54 6f 70 3d 24 65 6c 65 6d 65 6e 74 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 29 3c 77 69 6e 64 6f 77 48 65 69 67 68 74 29 26 26 24 65 6c 65 6d 65 6e 74 2e 63 73 73 28 22 6d 69 6e 2d 68 65 69 67 68 74 22 2c 31 30 30 2d 6f 66 66 73 65 74 54 6f 70 2f 28 77 69 6e 64 6f 77 48 65 69 67 68 74 2f 31 30 30 29 2b 22 76 68 22 29 2c 24 28 64 6f 63 75 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 22 76 63 2d 66 75 6c 6c 2d 68 65 69 67 68 74 2d 72 6f 77 22 2c 24 65 6c 65 6d 65 6e 74 29 7d 24 28 77 69 6e 64 6f 77 29 2e 6f 66 66 28 22 72 65 73 69 7a 65 2e 76 63 52 6f 77 42 65 68 61 76 69 6f 75 72 22 29 2e 6f 6e 28 22 72 65 73 69 7a 65 2e 76 63 52 6f 77 42 65 68 61 76 69 6f 75 72 22 2c 66 75 6c 6c 57
                                                                                                                                                                                                                                        Data Ascii: $(window).height(),(offsetTop=$element.offset().top)<windowHeight)&&$element.css("min-height",100-offsetTop/(windowHeight/100)+"vh"),$(document).trigger("vc-full-height-row",$element)}$(window).off("resize.vcRowBehaviour").on("resize.vcRowBehaviour",fullW


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        67192.168.2.449815104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC558OUTGET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC895INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: image/png
                                                                                                                                                                                                                                        Content-Length: 147
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: origSize=216
                                                                                                                                                                                                                                        ETag: "103ac7-d8-50cdb39a46700"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 00:42:03 GMT
                                                                                                                                                                                                                                        Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 3206
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5e2exeVyLJZx9ylaxT9UDQj07CmscTsrRb5%2FxMZunkGVo6Ddz%2FnGHXe9mrBtiN%2BArvno7SPopH2YtAf%2Fn%2F52aHkut5hMzX2Ieqiq7mGwAOvjWrPGSF8kknDGsn0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9cc81a41a1-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC147INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 1c 00 00 00 01 08 04 00 00 00 a6 c2 d9 9a 00 00 00 5a 49 44 41 54 78 da e5 8d c1 0d 80 30 0c 03 93 06 f6 5f 8b a1 68 8b ec 9e e0 d1 11 88 75 b6 f3 49 f2 ca 58 93 02 35 61 15 3a 04 2a fc 8c 7a 7b b3 57 a4 ba d0 0d 3c e4 4a a0 e1 5b fe 7a e6 b6 ed 39 95 66 08 ef 43 c8 4d 77 ef 02 dd 20 b7 d8 ed 68 18 6e a0 ef 67 ae 46 e6 03 9e 5b 3b cb 63 f0 68 29 00 00 00 00 49 45 4e 44 ae 42 60 82
                                                                                                                                                                                                                                        Data Ascii: PNGIHDRZIDATx0_huIX5a:*z{W<J[z9fCMw hngF[;ch)IENDB`


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        68192.168.2.449816104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC809OUTGET /wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC817INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 2203
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        ETag: "ff5ba-89b-60b858a34a9a2-gzip"
                                                                                                                                                                                                                                        Last-Modified: Sat, 02 Dec 2023 11:53:57 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1613
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BihddNBz92%2BwfKSqqJMDvJqM3b2FgSw%2Fjm4crc8695E0a22dHGqI6463LMKrmxQSV63SsC3XyWT4ftXUQpsnozYtfg%2FsHzOWcqZf0iU67sse5CDWeRurDwiNP1M%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9d0f7d8cdc-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC552INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6f 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 6f 2e 65 78 70 6f 72 74 73 2c 6f 2c 6f 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 6f 2e 6c 3d 21 30 2c 6f 2e 65 78 70 6f 72 74 73 7d 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 6e 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 72 7d 29 7d 2c 6e 2e 72 3d 66 75 6e
                                                                                                                                                                                                                                        Data Ascii: !function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=fun
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 28 6e 2e 72 28 72 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 72 2c 22 64 65 66 61 75 6c 74 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 2c 32 26 74 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 66 6f 72 28 76 61 72 20 6f 20 69 6e 20 65 29 6e 2e 64 28 72 2c 6f 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 7d 2e 62 69 6e 64 28 6e 75 6c 6c 2c 6f 29 29 3b 72 65 74 75 72 6e 20 72 7d 2c 6e 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75
                                                                                                                                                                                                                                        Data Ascii: (n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};retu
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC282INData Raw: 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 73 77 69 74 63 68 65 72 22 29 3b 65 26 26 65 2e 66 6f 72 45 61 63 68 28 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 73 65 6c 65 63 74 22 29 2c 6e 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 62 75 74 74 6f 6e 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 5d 27 29 3b 74 26 26 6e 26 26 28 6e 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 22 6e 6f 6e 65 22 2c 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 68 61 6e 67 65
                                                                                                                                                                                                                                        Data Ascii: dEventListener("DOMContentLoaded",()=>{const e=document.querySelectorAll(".edd-multi-currency-switcher");e&&e.forEach(e=>{const t=e.querySelector("select"),n=e.querySelector('button[type="submit"]');t&&n&&(n.style.display="none",t.addEventListener("change


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        69192.168.2.449817104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC812OUTGET /wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC850INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 175832
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=208904
                                                                                                                                                                                                                                        ETag: "104833-33008-5290600789b80-gzip"
                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Jan 2016 02:50:38 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 1613
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdv3RFDQnQSAl%2BF2TYMkOhxLyPI0Es%2BOOdPhYudN%2BZGlSCEVA6NclQG2GW2o4w5vno1ZvILF8BZTtxo5THXHqRaD3HqucTUjdKlffmXapZKbVlSACGZxFJNpvOI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9d1e985e73-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC519INData Raw: 2f 2a 21 0a 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 32 2e 30 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 34 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 2a 2f 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 42 6f 6f 74 73 74 72 61 70 27 73 20 4a 61 76 61 53 63 72 69 70 74 20 72 65 71 75 69 72 65 73 20 6a 51 75 65 72 79 22 29 3b 2b 66 75
                                                                                                                                                                                                                                        Data Ascii: /*!* Bootstrap v3.2.0 (http://getbootstrap.com)* Copyright 2011-2014 Twitter, Inc.* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*/if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+fu
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 72 6e 7b 65 6e 64 3a 62 5b 63 5d 7d 3b 72 65 74 75 72 6e 21 31 7d 61 2e 66 6e 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 21 31 2c 64 3d 74 68 69 73 3b 61 28 74 68 69 73 29 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 3d 21 30 7d 29 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 7c 7c 61 28 64 29 2e 74 72 69 67 67 65 72 28 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 2e 65 6e 64 29 7d 3b 72 65 74 75 72 6e 20 73 65 74 54 69 6d 65 6f 75 74 28 65 2c 62 29 2c 74 68 69 73 7d 2c 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 3d 62 28 29 2c 61 2e 73 75
                                                                                                                                                                                                                                        Data Ascii: rn{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.su
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 74 6f 74 79 70 65 2e 63 6c 6f 73 65 29 7d 28 6a 51 75 65 72 79 29 2c 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 62 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 61 28 74 68 69 73 29 2c 65 3d 64 2e 64 61 74 61 28 22 62 73 2e 62 75 74 74 6f 6e 22 29 2c 66 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 3b 65 7c 7c 64 2e 64 61 74 61 28 22 62 73 2e 62 75 74 74 6f 6e 22 2c 65 3d 6e 65 77 20 63 28 74 68 69 73 2c 66 29 29 2c 22 74 6f 67 67 6c 65 22 3d 3d 62 3f 65 2e 74 6f 67 67 6c 65 28 29 3a 62 26 26 65 2e 73 65 74 53 74 61 74 65 28 62 29 7d 29 7d 76 61 72 20 63 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 64 29 7b 74 68 69
                                                                                                                                                                                                                                        Data Ascii: totype.close)}(jQuery),+function(a){"use strict";function b(b){return this.each(function(){var d=a(this),e=d.data("bs.button"),f="object"==typeof b&&b;e||d.data("bs.button",e=new c(this,f)),"toggle"==b?e.toggle():b&&e.setState(b)})}var c=function(b,d){thi
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 63 6c 6f 73 65 73 74 28 22 2e 62 74 6e 22 29 29 2c 62 2e 63 61 6c 6c 28 64 2c 22 74 6f 67 67 6c 65 22 29 2c 63 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 29 7d 28 6a 51 75 65 72 79 29 2c 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 62 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 61 28 74 68 69 73 29 2c 65 3d 64 2e 64 61 74 61 28 22 62 73 2e 63 61 72 6f 75 73 65 6c 22 29 2c 66 3d 61 2e 65 78 74 65 6e 64 28 7b 7d 2c 63 2e 44 45 46 41 55 4c 54 53 2c 64 2e 64 61 74 61 28 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 29 2c 67 3d 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 62 3f 62 3a 66 2e 73
                                                                                                                                                                                                                                        Data Ascii: closest(".btn")),b.call(d,"toggle"),c.preventDefault()})}(jQuery),+function(a){"use strict";function b(b){return this.each(function(){var d=a(this),e=d.data("bs.carousel"),f=a.extend({},c.DEFAULTS,d.data(),"object"==typeof b&&b),g="string"==typeof b?b:f.s
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 69 74 65 6d 2e 61 63 74 69 76 65 22 29 29 3b 72 65 74 75 72 6e 20 62 3e 74 68 69 73 2e 24 69 74 65 6d 73 2e 6c 65 6e 67 74 68 2d 31 7c 7c 30 3e 62 3f 76 6f 69 64 20 30 3a 74 68 69 73 2e 73 6c 69 64 69 6e 67 3f 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 6f 6e 65 28 22 73 6c 69 64 2e 62 73 2e 63 61 72 6f 75 73 65 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 2e 74 6f 28 62 29 7d 29 3a 64 3d 3d 62 3f 74 68 69 73 2e 70 61 75 73 65 28 29 2e 63 79 63 6c 65 28 29 3a 74 68 69 73 2e 73 6c 69 64 65 28 62 3e 64 3f 22 6e 65 78 74 22 3a 22 70 72 65 76 22 2c 61 28 74 68 69 73 2e 24 69 74 65 6d 73 5b 62 5d 29 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 70 61 75 73 65 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72
                                                                                                                                                                                                                                        Data Ascii: this.$element.find(".item.active"));return b>this.$items.length-1||0>b?void 0:this.sliding?this.$element.one("slid.bs.carousel",function(){c.to(b)}):d==b?this.pause().cycle():this.slide(b>d?"next":"prev",a(this.$items[b]))},c.prototype.pause=function(b){r
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 65 74 57 69 64 74 68 2c 64 2e 61 64 64 43 6c 61 73 73 28 67 29 2c 65 2e 61 64 64 43 6c 61 73 73 28 67 29 2c 64 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5b 62 2c 67 5d 2e 6a 6f 69 6e 28 22 20 22 29 29 2e 61 64 64 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 2c 64 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5b 22 61 63 74 69 76 65 22 2c 67 5d 2e 6a 6f 69 6e 28 22 20 22 29 29 2c 69 2e 73 6c 69 64 69 6e 67 3d 21 31 2c 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 2e 24 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 28 6d 29 7d 2c 30 29 7d 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 31 65 33 2a 64 2e 63 73 73 28 22 74
                                                                                                                                                                                                                                        Data Ascii: etWidth,d.addClass(g),e.addClass(g),d.one("bsTransitionEnd",function(){e.removeClass([b,g].join(" ")).addClass("active"),d.removeClass(["active",g].join(" ")),i.sliding=!1,setTimeout(function(){i.$element.trigger(m)},0)}).emulateTransitionEnd(1e3*d.css("t
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 3d 6e 75 6c 6c 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 61 72 65 6e 74 26 26 28 74 68 69 73 2e 24 70 61 72 65 6e 74 3d 61 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 61 72 65 6e 74 29 29 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 74 6f 67 67 6c 65 26 26 74 68 69 73 2e 74 6f 67 67 6c 65 28 29 7d 3b 63 2e 56 45 52 53 49 4f 4e 3d 22 33 2e 32 2e 30 22 2c 63 2e 44 45 46 41 55 4c 54 53 3d 7b 74 6f 67 67 6c 65 3a 21 30 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 69 6d 65 6e 73 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 77 69 64 74 68 22 29 3b 72 65 74 75 72 6e 20 61 3f 22 77 69 64 74 68 22 3a 22 68 65 69 67 68 74 22 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 73 68 6f
                                                                                                                                                                                                                                        Data Ascii: =null,this.options.parent&&(this.$parent=a(this.options.parent)),this.options.toggle&&this.toggle()};c.VERSION="3.2.0",c.DEFAULTS={toggle:!0},c.prototype.dimension=function(){var a=this.$element.hasClass("width");return a?"width":"height"},c.prototype.sho
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 31 3b 76 61 72 20 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 30 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 28 22 68 69 64 64 65 6e 2e 62 73 2e 63 6f 6c 6c 61 70 73 65 22 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 69 6e 67 22 29 2e 61 64 64 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 65 22 29 7d 3b 72 65 74 75 72 6e 20 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 3f 76 6f 69 64 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 5b 63 5d 28 30 29 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 61 2e 70 72 6f 78 79 28 64 2c 74 68 69 73 29 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74
                                                                                                                                                                                                                                        Data Ascii: is.transitioning=1;var d=function(){this.transitioning=0,this.$element.trigger("hidden.bs.collapse").removeClass("collapsing").addClass("collapse")};return a.support.transition?void this.$element[c](0).one("bsTransitionEnd",a.proxy(d,this)).emulateTransit
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 20 64 3d 63 26 26 61 28 63 29 3b 72 65 74 75 72 6e 20 64 26 26 64 2e 6c 65 6e 67 74 68 3f 64 3a 62 2e 70 61 72 65 6e 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 64 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 61 28 74 68 69 73 29 2c 64 3d 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 29 3b 64 7c 7c 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 2c 64 3d 6e 65 77 20 67 28 74 68 69 73 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 64 5b 62 5d 2e 63 61 6c 6c 28 63 29 7d 29 7d 76 61 72 20 65 3d 22 2e 64 72 6f 70 64 6f 77 6e 2d 62 61 63 6b 64 72 6f 70 22 2c 66 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 64 72 6f 70 64 6f 77 6e 22 5d 27 2c 67 3d
                                                                                                                                                                                                                                        Data Ascii: d=c&&a(c);return d&&d.length?d:b.parent()}function d(b){return this.each(function(){var c=a(this),d=c.data("bs.dropdown");d||c.data("bs.dropdown",d=new g(this)),"string"==typeof b&&d[b].call(c)})}var e=".dropdown-backdrop",f='[data-toggle="dropdown"]',g=
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 64 72 6f 70 64 6f 77 6e 3d 68 2c 74 68 69 73 7d 2c 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 62 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 22 2e 64 72 6f 70 64 6f 77 6e 20 66 6f 72 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 7d 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 66 2c 67 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 67 67 6c 65 29 2e 6f 6e 28 22 6b 65 79 64 6f 77 6e 2e 62 73 2e 64 72 6f 70 64 6f 77
                                                                                                                                                                                                                                        Data Ascii: Conflict=function(){return a.fn.dropdown=h,this},a(document).on("click.bs.dropdown.data-api",b).on("click.bs.dropdown.data-api",".dropdown form",function(a){a.stopPropagation()}).on("click.bs.dropdown.data-api",f,g.prototype.toggle).on("keydown.bs.dropdow


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        70192.168.2.449819104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC559OUTGET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC904INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:29 GMT
                                                                                                                                                                                                                                        Content-Type: image/png
                                                                                                                                                                                                                                        Content-Length: 2914
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: status=not_needed
                                                                                                                                                                                                                                        ETag: "fc9c7-b62-5477ff47bc7e3"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 01:35:29 GMT
                                                                                                                                                                                                                                        Last-Modified: Wed, 01 Feb 2017 22:56:11 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90RNFN9l3GEuKtyL7vaajl1w2nlIh%2FoP%2BDfJzdslMLGmzosSndIzuhV%2B%2BtkJ8oVLAn4Yv9p87dB4HT8VzkdmYV1PUFUFTBaZ3oC%2BAwYwDp%2FXCuY78%2BdDSc9d%2FSw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabb9d38f972b1-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC465INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 11 00 00 00 64 08 03 00 00 00 96 d2 f4 7a 00 00 02 10 50 4c 54 45 00 00 00 ff ff ff fb fe fa ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 82 c2 32 a7 d4 6f d9 ed c4 8d c7 40 94 cb 4f af d8 7d e6 f3 d9 88 c4 37 d1 e9 b6 ca e5 af e3 f2 d7 72 bd 35 d0 ea c0 ff ff ff 86 c4 3c ff ff ff a1 d1 64 b9 dd 90 c7 e4 a8 da ef cf ea f5 e1 ac d6 76 ff ff ff 7b be 25 b4 da 84 c2 e1 9b c6 e3 a1 ca e8 bd eb f5 dc 81 c1 2d ff ff ff 54 bf 60 6f c2 56 9a cd 58 ff ff ff ff ff ff ff ff ff 73 be 3d 83 c4 43 ff ff ff ff ff ff 87 d0 83 b8 dc 88 ff ff ff ff ff ff 2d b0 3d 7f c1 39 4d b7 3d ff ff ff ff ff ff 8e
                                                                                                                                                                                                                                        Data Ascii: PNGIHDRdzPLTE2o@O}7r5<dv{%-T`oVXs=C-=9M=
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1369INData Raw: e6 ab b9 dc 88 3a b2 3d eb f8 ec 98 cc 53 3e b4 44 76 be 39 8e c8 49 78 c0 3c 7d bf 26 dd ee c5 94 d8 a3 c1 e0 93 aa d5 75 61 ba 40 f5 f9 e8 eb f5 de d1 e9 b6 a3 d2 66 44 b5 43 30 b2 42 6d bc 3b 23 ad 36 e1 f2 d6 9f ce 5c 4c b6 3f 70 bd 3b 7a c0 36 f8 fc fa 5b c3 6e 4e bd 5f 45 b9 50 5a b9 3e bf e6 bc 69 c8 7b b9 dc b8 0a 00 00 00 5f 74 52 4e 53 00 ec 02 8d d3 e1 a9 1e 89 83 33 22 be 67 b1 93 74 20 42 1a cc b7 79 20 a8 99 69 17 b2 2e 37 0b b4 25 e7 ad 9a 84 56 3c 14 07 72 46 c5 63 4a 43 29 0f bd 3b 94 92 90 28 da ba ac a5 9f 69 67 5e 4b d7 be b1 ac a3 97 91 8b 88 78 6f 60 ba b5 af 9e 9c 7a 57 a2 9f 9d 80 7d 4e be b6 b4 44 d3 be c4 c4 0b 00 00 08 a2 49 44 41 54 78 da ed 9c 07 57 1a 41 10 80 07 83 e9 d5 48 13 50 91 88 bd 97 24 1a 63 7a ef bd 63 40 f4 a8 22
                                                                                                                                                                                                                                        Data Ascii: :=S>Dv9Ix<}&ua@fDC0Bm;#6\L?p;z6[nN_EPZ>i{_tRNS3"gt By i.7%V<rFcJC);(ig^Kxo`zW}NDIDATxWAHP$czc@"
                                                                                                                                                                                                                                        2024-04-27 00:35:29 UTC1080INData Raw: 55 16 53 2b c9 ab cd 86 a0 1c 08 c9 74 8b 21 18 34 84 68 91 48 17 da 08 28 c5 a2 24 04 87 9e 5a 62 23 b9 e7 2a eb 6a ab 5c d6 4e 12 22 cd 2d 12 35 20 b2 4c 43 30 30 3c fc d9 ef 43 9a d1 89 24 6e 81 8d 20 64 16 1b 97 c1 bd ef fe 47 15 68 a4 c1 62 76 d6 60 5e 0d 16 b3 21 e2 f7 6b b3 53 53 73 2e 8e 18 11 1f c9 2e f1 0b 6e 84 b0 73 19 18 29 24 46 5c 0d 16 2b 1a 69 36 84 5e 39 23 f1 6b d5 80 24 5c 1c 7a 40 2a 26 3e 43 50 b5 08 46 96 47 7d a4 f0 31 31 62 71 58 cd 35 b8 d3 d8 64 40 38 fb 59 07 c0 2a 19 61 ab 48 06 89 8e 2f 46 ae 3d ae a8 ac 6d 70 58 4d 26 b7 b1 d9 3f 18 c5 1a b9 98 0a 2c ba 4f 8d 58 59 c3 0c 13 94 f3 c4 48 da 15 34 62 77 a1 11 73 6b 4d 73 b0 38 64 a4 18 42 a4 38 49 65 8d 24 5d 6d 0a 3f 8c 28 bf e3 aa c1 23 9a b5 de dc ea 35 fa 93 81 21 53 91 06
                                                                                                                                                                                                                                        Data Ascii: US+t!4hH($Zb#*j\N"-5 LC00<C$n dGhbv`^!kSSs..ns)$F\+i6^9#k$\z@*&>CPFG}11bqX5d@8Y*aH/F=mpXM&?,OXYH4bwskMs8dB8Ie$]m?(#5!S


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        71192.168.2.449814104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC787OUTGET /wp-content/themes/meminz/js/custom.js?ver=20231102 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC848INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:30 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Content-Length: 5705
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cf-Bgj: minify
                                                                                                                                                                                                                                        Cf-Polished: origSize=10363
                                                                                                                                                                                                                                        ETag: "10482b-287b-6093437b2b8bd-gzip"
                                                                                                                                                                                                                                        Last-Modified: Fri, 03 Nov 2023 00:02:17 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4802
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1L787aiCrfvZB26Yrf4EcZtCk4ju50B1T1vFDddhtVjR502V7gUTZ4EXn4KoarWgvDdadJH%2FMyHPCzkhXZ7B41gaw%2FDqKk89lrLGGrG3aWLBN8h%2FH4%2FiAYeytqU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabba56b2e7c93-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC521INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 24 2e 66 6e 2e 73 63 72 6f 6c 6c 54 6f 3d 66 75 6e 63 74 69 6f 6e 28 6f 70 74 69 6f 6e 73 29 7b 76 61 72 20 73 65 74 74 69 6e 67 73 3d 7b 6f 66 66 73 65 74 3a 2d 36 30 2c 73 70 65 65 64 3a 27 73 6c 6f 77 27 2c 6f 76 65 72 72 69 64 65 3a 6e 75 6c 6c 2c 65 61 73 69 6e 67 3a 6e 75 6c 6c 7d 3b 69 66 28 6f 70 74 69 6f 6e 73 29 7b 69 66 28 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 29 7b 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3d 28 6f 76 65 72 72 69 64 65 28 27 23 27 29 21 3d 2d 31 29 3f 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3a 27 23 27 2b 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3b 7d 0a 24 2e 65 78 74 65 6e 64 28 73 65 74 74 69 6e 67 73 2c 6f 70 74 69
                                                                                                                                                                                                                                        Data Ascii: (function($){'use strict';$.fn.scrollTo=function(options){var settings={offset:-60,speed:'slow',override:null,easing:null};if(options){if(options.override){options.override=(override('#')!=-1)?options.override:'#'+options.override;}$.extend(settings,opti
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 29 3b 24 28 27 68 74 6d 6c 2c 62 6f 64 79 27 29 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 73 63 72 6f 6c 6c 54 6f 70 3a 24 28 69 64 54 6f 4c 6f 6f 6b 41 74 29 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2b 73 65 74 74 69 6e 67 73 2e 6f 66 66 73 65 74 7d 2c 73 65 74 74 69 6e 67 73 2e 73 70 65 65 64 2c 73 65 74 74 69 6e 67 73 2e 65 61 73 69 6e 67 29 3b 7d 65 6c 73 65 7b 24 28 27 68 74 6d 6c 2c 62 6f 64 79 27 29 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 73 63 72 6f 6c 6c 54 6f 70 3a 24 28 69 64 54 6f 4c 6f 6f 6b 41 74 29 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2b 73 65 74 74 69 6e 67 73 2e 6f 66 66 73 65 74 7d 2c 73 65 74 74 69 6e 67 73 2e 73 70 65 65 64 2c 73 65 74 74 69 6e 67 73 2e 65 61 73 69 6e 67 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 77 69
                                                                                                                                                                                                                                        Data Ascii: );$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing);}else{$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing,function(e){wi
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 69 50 68 6f 6e 65 7c 69 50 61 64 7c 69 50 6f 64 2f 69 29 3b 7d 2c 4f 70 65 72 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 4f 70 65 72 61 20 4d 69 6e 69 2f 69 29 3b 7d 2c 57 69 6e 64 6f 77 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 49 45 4d 6f 62 69 6c 65 2f 69 29 3b 7d 2c 61 6e 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 41 6e 64 72 6f 69 64 28 29 7c 7c 61 2e 42 6c 61 63 6b 42 65 72 72 79 28 29 7c 7c 61 2e 69 4f 53 28 29 7c 7c 61 2e
                                                                                                                                                                                                                                        Data Ascii: (){return navigator.userAgent.match(/iPhone|iPad|iPod/i);},Opera:function(){return navigator.userAgent.match(/Opera Mini/i);},Windows:function(){return navigator.userAgent.match(/IEMobile/i);},any:function(){return a.Android()||a.BlackBerry()||a.iOS()||a.
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 64 69 72 65 63 74 69 6f 6e 4e 61 76 3a 66 61 6c 73 65 7d 3b 69 6d 61 63 2e 66 6c 65 78 73 6c 69 64 65 72 28 7b 73 6c 69 64 65 73 68 6f 77 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6c 69 64 65 73 68 6f 77 2c 61 6e 69 6d 61 74 69 6f 6e 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 61 6e 69 6d 61 74 69 6f 6e 2c 64 69 72 65 63 74 69 6f 6e 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 64 69 72 65 63 74 69 6f 6e 2c 73 6d 6f 6f 74 68 48 65 69 67 68 74 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6d 6f 6f 74 68 48 65 69 67 68 74 2c 73 6c 69 64 65 73 68 6f 77 53 70 65 65 64 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6c 69 64 65 73 68 6f 77 53 70 65 65 64 2c 64 69 72 65 63 74 69 6f 6e 4e 61 76 3a 69 6d 61 63
                                                                                                                                                                                                                                        Data Ascii: directionNav:false};imac.flexslider({slideshow:imac_optionsData.slideshow,animation:imac_optionsData.animation,direction:imac_optionsData.direction,smoothHeight:imac_optionsData.smoothHeight,slideshowSpeed:imac_optionsData.slideshowSpeed,directionNav:imac
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1077INData Raw: 67 54 79 70 65 3a 27 65 61 73 65 4f 75 74 51 75 61 72 74 27 7d 29 3b 24 28 22 61 2e 7a 6f 6f 6d 3a 66 69 72 73 74 5b 64 61 74 61 2d 70 72 65 74 74 79 5e 3d 27 70 72 65 74 74 79 50 68 6f 74 6f 27 5d 22 29 2e 70 72 65 74 74 79 50 68 6f 74 6f 28 7b 61 6e 69 6d 61 74 69 6f 6e 5f 73 70 65 65 64 3a 27 6e 6f 72 6d 61 6c 27 2c 74 68 65 6d 65 3a 27 70 70 5f 64 65 66 61 75 6c 74 27 2c 73 6c 69 64 65 73 68 6f 77 3a 33 30 30 30 2c 61 75 74 6f 70 6c 61 79 5f 73 6c 69 64 65 73 68 6f 77 3a 66 61 6c 73 65 7d 29 3b 24 28 22 61 2e 7a 6f 6f 6d 3a 67 74 28 30 29 5b 64 61 74 61 2d 70 72 65 74 74 79 5e 3d 27 70 72 65 74 74 79 50 68 6f 74 6f 27 5d 22 29 2e 70 72 65 74 74 79 50 68 6f 74 6f 28 7b 61 6e 69 6d 61 74 69 6f 6e 5f 73 70 65 65 64 3a 27 66 61 73 74 27 2c 73 6c 69 64 65
                                                                                                                                                                                                                                        Data Ascii: gType:'easeOutQuart'});$("a.zoom:first[data-pretty^='prettyPhoto']").prettyPhoto({animation_speed:'normal',theme:'pp_default',slideshow:3000,autoplay_slideshow:false});$("a.zoom:gt(0)[data-pretty^='prettyPhoto']").prettyPhoto({animation_speed:'fast',slide


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        72192.168.2.449820192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4629&rand=0.3235756268755505 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:30 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        73192.168.2.449818104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC846OUTGET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC984INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:30 GMT
                                                                                                                                                                                                                                        Content-Type: image/webp
                                                                                                                                                                                                                                        Content-Length: 10546
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: origFmt=png, origSize=15142
                                                                                                                                                                                                                                        Content-Disposition: inline; filename="30dayrefund-e1605890583229.webp"
                                                                                                                                                                                                                                        ETag: "fdfc6-3b26-5b48c89c94beb"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 01:24:23 GMT
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Nov 2020 16:43:03 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 667
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MOWN6cMmWtSqv35m03cPwC7bWFlIuZg3v2q%2BkR2PFkeFrJa33ze%2B8yE7qWTB6eD2%2FQ0ls1IpyetlUkTthyU05BGLqivnljEREALaqUW1Psy%2FGsUzdHBsAFIM6A%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabba58ec50f7b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC385INData Raw: 52 49 46 46 2a 29 00 00 57 45 42 50 56 50 38 4c 1e 29 00 00 2f 2b 01 41 10 75 86 e3 b6 91 1c 49 ca 3f ec 31 55 bd 7b e6 1b 11 13 c0 2f ed 03 dc 0f 79 3b 60 da 32 ef d8 9c 00 61 c0 6e 0b ae 00 b3 5c 3a 1e 71 8f db c4 3d 98 26 9c e0 8e d4 7a 09 59 50 3a 7d 03 41 05 57 14 57 72 97 bc b1 a2 22 d0 43 54 54 dc 23 55 cf ec 64 00 8f 48 5d 39 21 93 ae 2c ff a5 25 ea ff cf 58 93 ce 79 5e 0c da 76 f7 d8 b6 b9 eb dd 68 67 6b 67 cf ec 7a 39 b6 6d db b6 6d db 36 ee 7b 4e 55 fe bf 24 f7 fe f3 cf 5d 4d 27 55 95 54 04 05 68 ff d7 a7 cd 25 41 ff 0c 77 38 a7 8a 1d d4 8b d4 5d b0 ba b7 8c 1a 52 77 77 77 03 8e 21 73 5f 46 dd 38 b2 d0 5c 57 d7 d4 25 c5 29 2e 11 e4 ff 7f 1d b1 6d e3 48 f2 ee f5 5e 76 27 c9 94 cc d7 1b b6 6d d3 94 46 db b6 2c c7 75 15 55 42 21 83 10 e4 c6 2e 69
                                                                                                                                                                                                                                        Data Ascii: RIFF*)WEBPVP8L)/+AuI?1U{/y;`2an\:q=&zYP:}AWWr"CTT#UdH]9!,%Xy^vhgkgz9mm6{NU$]M'UTh%Aw8]Rwww!s_F8\W%).mH^v'mF,uUB!.i
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: b3 07 e3 7a bf b2 fa 57 17 26 e5 be 65 91 32 6f 26 4c eb d5 7e 61 a1 d0 43 04 db 08 82 33 8b 75 9a 34 5b 91 2c 01 f4 02 22 fa 46 42 04 5b 11 7a 50 f4 34 cc a5 d2 a9 55 64 4e fa 0d 90 59 40 8f 29 59 c2 15 91 7e 33 a6 df a2 39 5b b5 74 d2 58 f4 33 c6 6c a7 69 5a f9 41 af b1 82 48 6f a6 29 59 ec e7 32 0c e3 c6 8b 94 6c 45 56 e1 2f 73 f9 2d 6a 94 d8 cb 70 f1 df b4 14 89 d6 34 56 0b 04 50 23 90 0e c5 92 e7 f5 16 19 42 2d 70 c1 4a 92 c7 44 2c e5 01 8f 3e c6 42 a6 a9 2a 4d 0a c4 f2 33 d0 55 e2 14 4a e7 84 50 a3 db 86 ac d6 1b 4d 53 55 4c 16 f6 24 64 2c 23 b8 d2 4c 81 34 d2 a9 9d 1a 89 5d 30 8d 53 20 1a ae 11 9b b1 b7 e0 6d af 4b 0e 18 ed 9b e4 eb 92 aa 03 7b a6 ad d4 b1 0a 1b 51 f6 bb 64 2f ef 9e 82 b5 3c 22 26 ad ae 9b ce 65 89 50 af a7 3d d4 b8 ad 6c 67 4d 77
                                                                                                                                                                                                                                        Data Ascii: zW&e2o&L~aC3u4[,"FB[zP4UdNY@)Y~39[tX3liZAHo)Y2lEV/s-jp4VP#B-pJD,>B*M3UJPMSUL$d,#L4]0S mK{Qd/<"&eP=lgMw
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: dd 31 1e b0 58 c1 b6 74 d0 3e a6 6e 69 20 8d 0e c5 f1 22 9e 25 bb 27 89 c6 07 3e 65 43 12 43 42 ea 51 61 63 8a 78 b5 c4 9a 92 58 94 6f 8f c1 81 9f 38 55 30 17 08 91 4d 5f 93 2a b9 6a 61 7e 0d 87 93 83 c1 b3 cf a1 7c 37 0c 70 13 a1 df d5 69 80 0f 2c d7 c3 22 a1 77 e7 3b 9a 4a c1 20 a9 60 a1 22 b6 82 cc a6 45 95 b4 5a ae 8b c7 bf b1 70 63 15 39 04 f4 4c 07 79 f5 8d fd a3 25 94 11 1f 73 76 10 c5 10 14 31 2a 7b e9 fb b5 d7 15 51 f9 93 1b fc 77 2d 7a 6d 9c 04 03 3f 73 d6 c2 17 23 01 d3 fe 91 ef 9c ea 89 49 ed 38 ca f7 48 6b b6 20 b6 c5 09 2a 31 17 66 a9 b3 f2 14 51 d3 28 65 6a ba 3a 4e ce 8c 92 40 8b 70 9f 74 10 63 88 01 ee 6b 71 9c 9d ae 07 c4 b8 53 7d 1c 2e 2c ab 6e ee 45 35 f2 8f fc 44 3d 39 fb 99 6f 56 d0 be 3f d9 f9 d6 3a ef c7 88 e3 a2 e5 3c 9b 4e 27 89
                                                                                                                                                                                                                                        Data Ascii: 1Xt>ni "%'>eCCBQacxXo8U0M_*ja~|7pi,"w;J `"EZpc9Ly%sv1*{Qw-zm?s#I8Hk *1fQ(ej:N@ptckqS}.,nE5D=9oV?:<N'
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 2b fd aa b5 8f 73 8f 1a 00 65 ef c6 be d5 43 0b 03 7b 98 75 f8 5b 6e 42 01 1c 68 14 f2 22 8e e6 a5 1c 81 c5 de 58 40 d4 a7 14 d7 b8 93 61 46 9b e3 ec a3 a6 3d 3e 66 53 5d a4 fe 39 23 f6 2b e8 0e b4 7f c8 45 8d 3c eb 6c 5f 9a 04 88 38 80 34 cf 12 bf 62 96 e9 a5 1c 4d 84 bc ae 3a 66 25 30 24 f0 72 ff da 26 02 4a e1 3a d4 62 e6 be 14 66 e8 9b 17 b7 7f 7d 03 69 1c 35 19 b2 ca 99 6e f8 b0 ac ff eb 56 b0 e7 0f 59 fe 70 0d 54 89 db 5b c3 ac 79 cb ea db 00 0d bf 1e 17 0a 94 64 30 ab d0 9c c7 80 41 42 57 1f 88 9b 27 c1 46 be 8a ad 59 65 26 90 86 cd 49 d5 03 46 0c c0 e8 fd 9c e7 f8 6c 24 70 25 36 99 49 d4 1b c7 1a cc 8c cc d5 37 7c ec f4 95 58 e4 4a a0 dc c6 e2 05 1d c4 ae b8 f6 d5 60 f4 ae dc e4 94 3f d7 29 2c 39 1e 47 e3 09 b7 ce da 54 4e a4 3f c2 a7 ad 9c 8a a8
                                                                                                                                                                                                                                        Data Ascii: +seC{u[nBh"X@aF=>fS]9#+E<l_84bM:f%0$r&J:bf}i5nVYpT[yd0ABW'FYe&IFl$p%6I7|XJ`?),9GTN?
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 52 2e 8c 5c 8f 82 4d 2b 47 e8 81 92 b0 3b 57 d5 0b 7c f3 2d 2e 01 31 eb 26 2f ba 2b 3d cc f3 69 b6 bd 29 88 e0 38 fc d6 9a 69 6a 39 99 83 a6 4d 16 01 84 9c ab bf 7c f3 82 43 c4 49 cf f3 95 fb 4a 83 a9 72 7c 91 90 8f 29 4d 89 39 24 90 b4 e8 1d bd b9 93 cb f3 39 8c 9a ac 43 23 ac 29 71 3e 7f a5 c9 9a 2b 03 47 8c 2b ad a2 f1 e9 f0 75 56 57 80 28 df b1 ad 87 1f fc e1 c7 60 da a7 81 40 12 87 7f 32 d5 2a 0a ad 8e fd f1 02 61 a6 37 ed 7c bb 8a 32 ef 0a be 16 35 72 72 f4 16 c8 02 49 b7 87 c8 bf 4e 10 88 17 55 b8 06 c4 81 af 74 70 83 8a 02 b1 bd cf a3 a9 e4 20 56 16 47 85 46 32 f2 7b e5 ec 68 e0 63 78 5b e1 f0 45 4e 47 97 45 91 03 3b 53 27 c7 05 ec 50 cb 9e 08 ba 23 64 79 3c 67 38 f5 d1 fe 3a d5 fa 42 93 ee a4 13 6b c6 5d dd 25 d0 f0 4c 87 70 38 83 9e 87 5b 0b c9
                                                                                                                                                                                                                                        Data Ascii: R.\M+G;W|-.1&/+=i)8ij9M|CIJr|)M9$9C#)q>+G+uVW(`@2*a7|25rrINUtp VGF2{hcx[ENGE;S'P#dy<g8:Bk]%Lp8[
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 91 ec 5e 7a 0e bc 9a d1 48 49 cd 0c f9 cc 05 73 e0 45 40 f2 df 2c 47 ec 80 a1 f1 a4 c4 4a c8 31 dc 11 71 3d d0 bd 8c e0 7c f3 62 61 38 63 c1 03 4b 0e 1d 8f 36 e3 f2 af fb 2c 13 d7 a7 65 37 88 87 8c 54 b3 a5 6d ab b9 5e 8a 0a 8f cb 6c ab 4b 89 24 c6 4a a7 b9 08 82 c2 ce 15 da 44 15 53 13 5f 37 f2 bc 24 52 b0 f6 1b 03 99 d9 db ec 7c bc 6e 50 f1 a4 ab 6a dd 8a af bd ac b3 4e 0f 07 ff 4d 19 86 7e 8a 37 81 e0 ae 56 d5 78 d7 52 1d df d8 ab 8a 2d 1f 84 09 ff c2 85 60 f5 20 0a 9e 2f c8 6b 3e b9 63 8e 8e 93 f9 34 53 cc 3f d7 3c 10 21 81 e9 53 9a fd c1 04 23 2e d3 be 20 ba 9c e6 2c 92 05 76 d5 1c 31 01 c3 12 af 4b 04 71 c9 b7 a9 c3 de d1 e9 40 56 af 43 fd c0 73 f3 eb 30 27 73 58 fa b5 be b5 db 1f c9 fe ff fe 26 ea dc bc 4c 39 a3 bb 95 cb a4 1f 5b 5a 6a 77 42 d9 db
                                                                                                                                                                                                                                        Data Ascii: ^zHIsE@,GJ1q=|ba8cK6,e7Tm^lK$JDS_7$R|nPjNM~7VxR-` /k>c4S?<!S#. ,v1Kq@VCs0'sX&L9[ZjwB
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 86 1a 19 6c bb 41 e9 64 41 90 08 63 cf b1 63 b7 c1 a5 0e 41 2c 77 05 55 b4 d1 58 a3 67 f7 c6 24 e0 28 4e 89 ae 6a 60 ac 9a cb 3e 13 20 06 19 bd cc a0 1b 22 1e 49 10 fa 52 6c 21 6e e5 26 fa f1 45 95 17 c9 3e c3 17 b8 58 e9 a6 55 30 96 bc 6c 85 a5 58 e8 ab e9 00 4b 39 d6 07 3b 2f 79 d3 7c 52 e8 97 d5 a7 51 41 97 12 71 1c 3b 3a 28 88 dc ca 73 48 05 36 81 c1 56 3f ee cf 87 f7 cd 0d 83 c8 9d ac ed bd cb 62 40 40 a2 8e 3a f9 69 0c 6b ef 5b e6 15 8f bc 3e 37 50 32 e6 27 27 47 a3 40 80 98 32 3b 83 af 13 c0 77 a2 6f 66 f4 8b 35 66 3e b6 82 03 54 9e 44 6e 77 c7 b6 15 e1 6b d2 c8 92 13 68 58 26 83 61 c9 55 e7 74 6e 63 24 8c ae 67 45 4d 36 84 8b 3c f2 30 f9 c9 1d c4 d6 c1 06 fc 1a d0 8c f0 0a 47 31 c3 37 30 2f 49 90 05 41 ab ec 8e 0f c2 70 32 91 c6 27 b4 b6 c8 57 11
                                                                                                                                                                                                                                        Data Ascii: lAdAccA,wUXg$(Nj`> "IRl!n&E>XU0lXK9;/y|RQAq;:(sH6V?b@@:ik[>7P2''G@2;wof5f>TDnwkhX&aUtnc$gEM6<0G170/IAp2'W
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC1369INData Raw: 89 72 32 09 2f fd 2f 31 e6 2c 18 b0 8b 72 01 a5 32 9d 33 ff a1 65 4a 26 bb 90 94 49 d7 b6 14 19 a4 49 7b 7b 99 f3 60 c2 f1 cd 9e 01 d8 df 8d 64 7f 26 93 22 e5 fa 72 06 7f e3 cc 76 37 06 c3 af ca cf ad 1d 02 e8 61 2e af af 9d bf a3 0d fb 51 6c 47 73 8d 80 a8 2b 65 37 9c a9 80 c1 cf 76 28 e2 d7 ef 74 8f 7d 99 72 c8 49 fc 8a d3 01 3e ad 87 d0 38 3d cf 62 38 37 0e 8c 59 bb ad fd c7 4f 77 03 46 fd 82 9b 3d f1 6d 5a c4 2a 4e 77 fa 59 ae 48 99 72 c8 e1 47 d7 2a 8d a3 6b 45 31 80 28 a7 bc c7 6a ca e7 33 24 62 4f bc 7e bc 5b 1e 3a e5 f3 4f a2 40 7e 96 5d cd 27 ca 38 9d 45 ed b5 a9 cd 4d a8 8c 39 2f 59 ab 9e ce cc 5e 79 d1 c1 6a a6 39 92 9c 66 84 4c 73 3f d0 59 fb 41 33 51 ef fb 5a d1 b2 c4 0d b1 47 94 5b ef 67 5e a2 b0 39 cd fd be 69 f1 ce 4e ac 7b 62 77 ff da f2
                                                                                                                                                                                                                                        Data Ascii: r2//1,r23eJ&II{{`d&"rv7a.QlGs+e7v(t}rI>8=b87YOwF=mZ*NwYHrG*kE1(j3$bO~[:O@~]'8EM9/Y^yj9fLs?YA3QZG[g^9iN{bw
                                                                                                                                                                                                                                        2024-04-27 00:35:30 UTC578INData Raw: 34 ba 27 4b ba 65 72 e2 10 93 1c f3 58 59 83 ad 1f c3 92 0d be 27 87 b2 8d f3 95 9c 51 ba 2c f7 34 90 96 d7 58 50 ee 79 a0 b0 b5 81 8a 9a d2 6a d1 1c c9 16 76 84 1d d5 1a 9a e1 d0 42 bb 2f 5e ef 0f 2c f5 fe f9 49 1a b0 45 97 1d 2c 86 81 8c a3 01 32 28 a9 a9 ec 62 5b f2 f9 22 11 66 16 e9 46 d3 63 d4 6a c0 b0 87 d7 55 b7 de 70 25 01 cd ef 9e 3e 62 00 70 85 36 0d fb b3 c8 30 52 d4 f1 c6 68 0d 7a 31 4d 7b ac e4 60 83 4b 86 64 7f c3 c1 d2 bc b4 41 12 08 48 ce 43 8e 0f 43 a7 1b 39 36 55 d8 b0 ac 45 eb 0e 9c be dc 2d 38 d0 ac bb bd a7 03 ee 45 59 7e f1 04 4d 7a 23 7b 69 5a 85 5e b4 6b 2c 16 32 78 44 46 2e f5 5f 92 3a 5d df 27 98 4c 4a 6a ce 18 31 38 44 02 35 d2 6a 54 cc 92 6f 33 65 a6 90 34 2b d5 d2 6e aa 5b a7 73 09 16 5a b5 9b ec d6 a0 54 33 29 61 39 b2 47 1f
                                                                                                                                                                                                                                        Data Ascii: 4'KerXY'Q,4XPyjvB/^,IE,2(b["fFcjUp%>bp60Rhz1M{`KdAHCC96UE-8EY~Mz#{iZ^k,2xDF._:]'LJj18D5jTo3e4+n[sZT3)a9G


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        74192.168.2.449821104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC812OUTGET /wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC784INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:31 GMT
                                                                                                                                                                                                                                        Content-Type: application/javascript
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                                        ETag: W/"4279a-4926-61533396fa2ee-gzip"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 4802
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BcTg4w60bVJDOrqvpo3M6xcn3YTAnPkDJhrsNIHktXmuKEMbKbdj4Kr%2FiIzBrI43BZIvHMYuElKZIG08F1j7bWejw%2BVQy2Xdlkh7GPSgwUKob7w4a6HHt0WKqQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbac28018c33-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC585INData Raw: 34 39 32 36 0d 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 2f 2f 20 53 6f 75 72 63 65 3a 20 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 74 77 65 6d 6f 6a 69 2e 6d 69 6e 2e 6a 73 0a 76 61 72 20 74 77 65 6d 6f 6a 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 68 3d 7b 62 61 73 65 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 6a 64 65 63 6b 65 64 2f 74 77 65 6d 6f 6a 69 40 31 35 2e 30 2e 33 2f 61 73 73 65 74 73 2f 22 2c 65 78 74 3a 22 2e 70 6e 67 22 2c 73 69 7a 65 3a 22 37 32 78 37 32 22 2c 63 6c 61 73 73 4e 61 6d 65 3a 22 65 6d 6f 6a 69 22 2c 63 6f 6e 76 65 72 74 3a 7b 66 72 6f 6d 43 6f 64 65 50 6f 69 6e 74
                                                                                                                                                                                                                                        Data Ascii: 4926/*! This file is auto-generated */// Source: wp-includes/js/twemoji.min.jsvar twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 3d 74 79 70 65 6f 66 20 64 3f 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 6e 28 64 2c 66 75 6e 63 74 69 6f 6e 28 64 29 7b 76 61 72 20 75 2c 66 2c 63 3d 64 2c 65 3d 4e 28 64 29 2c 62 3d 61 2e 63 61 6c 6c 62 61 63 6b 28 65 2c 61 29 3b 69 66 28 65 26 26 62 29 7b 66 6f 72 28 66 20 69 6e 20 63 3d 22 3c 69 6d 67 20 22 2e 63 6f 6e 63 61 74 28 27 63 6c 61 73 73 3d 22 27 2c 61 2e 63 6c 61 73 73 4e 61 6d 65 2c 27 22 20 27 2c 27 64 72 61 67 67 61 62 6c 65 3d 22 66 61 6c 73 65 22 20 27 2c 27 61 6c 74 3d 22 27 2c 64 2c 27 22 27 2c 27 20 73 72 63 3d 22 27 2c 62 2c 27 22 27 29 2c 75 3d 61 2e 61 74 74 72 69 62 75 74 65 73 28 64 2c 65 29 29 75 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 66 29 26 26 30 21 3d 3d 66 2e 69 6e 64 65 78 4f 66 28 22 6f 6e
                                                                                                                                                                                                                                        Data Ascii: =typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 6e 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 64 3f 64 2b 22 78 22 2b 64 3a 64 7d 28 75 2e 73 69 7a 65 7c 7c 68 2e 73 69 7a 65 29 2c 63 6c 61 73 73 4e 61 6d 65 3a 75 2e 63 6c 61 73 73 4e 61 6d 65 7c 7c 68 2e 63 6c 61 73 73 4e 61 6d 65 2c 6f 6e 65 72 72 6f 72 3a 75 2e 6f 6e 65 72 72 6f 72 7c 7c 68 2e 6f 6e 65 72 72 6f 72 7d 29 7d 2c 72 65 70 6c 61 63 65 3a 6e 2c 74 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 64 29 7b 67 2e 6c 61 73 74 49 6e 64 65 78 3d 30 3b 64 3d 67 2e 74 65 73 74 28 64 29 3b 72 65 74 75 72 6e 20 67 2e 6c 61 73 74 49 6e 64 65 78 3d 30 2c 64 7d 7d 2c 75 3d 7b 22 26 22 3a 22 26 61 6d 70 3b 22 2c 22 3c 22 3a 22 26 6c 74 3b 22 2c 22 3e 22 3a 22 26 67 74 3b 22 2c 22 27 22 3a 22 26 23 33 39 3b 22 2c 27 22 27 3a 22 26 71 75 6f 74 3b 22 7d 2c
                                                                                                                                                                                                                                        Data Ascii: n"number"==typeof d?d+"x"+d:d}(u.size||h.size),className:u.className||h.className,onerror:u.onerror||h.onerror})},replace:n,test:function(d){g.lastIndex=0;d=g.test(d);return g.lastIndex=0,d}},u={"&":"&amp;","<":"&lt;",">":"&gt;","'":"&#39;",'"':"&quot;"},
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32
                                                                                                                                                                                                                                        Data Ascii: dc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc69\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udfff\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u2
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 5c 75 64 66 66 63 5c 75 64 66 66 65 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 64 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64
                                                                                                                                                                                                                                        Data Ascii: dd1d\u200d\ud83d\udc68\ud83c[\udffb\udffc\udffe\udfff]|\ud83d\udc68\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc68\ud83c\udffe\u200d\ud83e\udd1d\u200d\ud83d\udc68\ud83c[\udffb-\udffd\udfff]|\ud83d\udc68\ud83c\udfff\u200d
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 5c 75 64 66 66 63 5c 75 64 66 66 65 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33
                                                                                                                                                                                                                                        Data Ascii: udc69\ud83c[\udffb\udffc\udffe\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc69\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\ud83e\udd1d\u200d\ud83
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 65 5d 7c 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 7c 5c 75 64 38 33 64 5c 75
                                                                                                                                                                                                                                        Data Ascii: [\udffb-\udfff]|\ud83e\uddd1\ud83c\udfff\u200d\u2764\ufe0f\u200d\ud83e\uddd1\ud83c[\udffb-\udffe]|\ud83e\uddd1\ud83c\udfff\u200d\ud83e\udd1d\u200d\ud83e\uddd1\ud83c[\udffb-\udfff]|\ud83d\udc68\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc68|\ud83d\u
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 5d 7c 5c 75 32 36 66 39 29 28 28 3f 3a 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 66 65 30 66 29 5c 75 32 30 30 64 5b 5c 75 32 36 34 30 5c 75 32 36 34 32 5d 5c 75 66 65 30 66 29 7c 28 3f 3a 5c 75 64 38 33 63 5b 5c 75 64 66 63 33 5c 75 64 66 63 34 5c 75 64 66 63 61 5d 7c 5c 75 64 38 33 64 5b 5c 75 64 63 36 65 5c 75 64 63 37 30 5c 75 64 63 37 31 5c 75 64 63 37 33 5c 75 64 63 37 37 5c 75 64 63 38 31 5c 75 64 63 38 32 5c 75 64 63 38 36 5c 75 64 63 38 37 5c 75 64 65 34 35 2d 5c 75 64 65 34 37 5c 75 64 65 34 62 5c 75 64 65 34 64 5c 75 64 65 34 65 5c 75 64 65 61 33 5c 75 64 65 62 34 2d 5c 75 64 65 62 36 5d 7c 5c 75 64 38 33 65 5b 5c 75 64 64 32 36 5c 75 64 64 33 35 5c 75 64 64 33 37 2d 5c 75 64 64 33 39 5c 75 64 64 33 64 5c 75 64 64
                                                                                                                                                                                                                                        Data Ascii: ]|\u26f9)((?:\ud83c[\udffb-\udfff]|\ufe0f)\u200d[\u2640\u2642]\ufe0f)|(?:\ud83c[\udfc3\udfc4\udfca]|\ud83d[\udc6e\udc70\udc71\udc73\udc77\udc81\udc82\udc86\udc87\ude45-\ude47\ude4b\ude4d\ude4e\udea3\udeb4-\udeb6]|\ud83e[\udd26\udd35\udd37-\udd39\udd3d\udd
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 31 35 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 62 61 7c 5c 75 64 38 33 64 5c 75 64 63 33 62 5c 75 32 30 30 64 5c 75 32 37 34 34 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 34 31 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 64 65 38 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 32 30 30 64 5c 75 64 38 33 64 5b 5c 75 64 63 36 36 5c 75 64 63 36 37 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 32 30 30 64 5c 75 64 38 33 64 5b 5c 75 64 63 36 36 5c 75 64 63 36 37 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 66 5c 75 32 30 30 64 5c 75 32 36 34 30 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 36 66 5c 75 32 30 30 64 5c 75 32 36 34 32 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 65 32 65 5c 75 32 30 30 64 5c
                                                                                                                                                                                                                                        Data Ascii: 0f|\ud83d\udc15\u200d\ud83e\uddba|\ud83d\udc3b\u200d\u2744\ufe0f|\ud83d\udc41\u200d\ud83d\udde8|\ud83d\udc68\u200d\ud83d[\udc66\udc67]|\ud83d\udc69\u200d\ud83d[\udc66\udc67]|\ud83d\udc6f\u200d\u2640\ufe0f|\ud83d\udc6f\u200d\u2642\ufe0f|\ud83d\ude2e\u200d\
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1369INData Raw: 32 36 61 37 5c 75 32 36 61 61 5c 75 32 36 61 62 5c 75 32 36 62 30 5c 75 32 36 62 31 5c 75 32 36 62 64 5c 75 32 36 62 65 5c 75 32 36 63 34 5c 75 32 36 63 35 5c 75 32 36 63 38 5c 75 32 36 63 66 5c 75 32 36 64 31 5c 75 32 36 64 33 5c 75 32 36 64 34 5c 75 32 36 65 39 5c 75 32 36 65 61 5c 75 32 36 66 30 2d 5c 75 32 36 66 35 5c 75 32 36 66 38 5c 75 32 36 66 61 5c 75 32 36 66 64 5c 75 32 37 30 32 5c 75 32 37 30 38 5c 75 32 37 30 39 5c 75 32 37 30 66 5c 75 32 37 31 32 5c 75 32 37 31 34 5c 75 32 37 31 36 5c 75 32 37 31 64 5c 75 32 37 32 31 5c 75 32 37 33 33 5c 75 32 37 33 34 5c 75 32 37 34 34 5c 75 32 37 34 37 5c 75 32 37 35 37 5c 75 32 37 36 33 5c 75 32 37 36 34 5c 75 32 37 61 31 5c 75 32 39 33 34 5c 75 32 39 33 35 5c 75 32 62 30 35 2d 5c 75 32 62 30 37 5c 75 32
                                                                                                                                                                                                                                        Data Ascii: 26a7\u26aa\u26ab\u26b0\u26b1\u26bd\u26be\u26c4\u26c5\u26c8\u26cf\u26d1\u26d3\u26d4\u26e9\u26ea\u26f0-\u26f5\u26f8\u26fa\u26fd\u2702\u2708\u2709\u270f\u2712\u2714\u2716\u271d\u2721\u2733\u2734\u2744\u2747\u2757\u2763\u2764\u27a1\u2934\u2935\u2b05-\u2b07\u2


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        75192.168.2.44982318.164.116.334437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC718OUTGET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1
                                                                                                                                                                                                                                        Host: js.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC1389INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 200
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Last-Modified: Tue, 23 Apr 2024 20:03:42 GMT
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Server: Cloudfront
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:18:04 GMT
                                                                                                                                                                                                                                        Cache-Control: max-age=31536000
                                                                                                                                                                                                                                        Etag: "3437aaddcdf6922d623e172c2d6f9278"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        Via: 1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                        Age: 2214
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Content-Security-Policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                                        Timing-Allow-Origin: *
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                        X-Amz-Cf-Pop: JFK50-P6
                                                                                                                                                                                                                                        X-Amz-Cf-Id: 1Tuigvp8BVwUimAnLYAoEmgZymi9A-Uq4uPjsYJeETLjMwhBZWYLJA==
                                                                                                                                                                                                                                        2024-04-27 00:35:31 UTC200INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 66 69 6e 67 65 72 70 72 69 6e 74 65 64 2f 6a 73 2f 6d 2d 6f 75 74 65 72 2d 31 35 61 32 62 34 30 61 30 35 38 64 64 66 66 31 63 66 66 64 62 36 33 37 37 39 66 65 33 64 65 31 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                        Data Ascii: <!doctype html><html><head><meta charset="utf-8"/><script defer="defer" src="https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js"></script></head><body></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        76192.168.2.449824104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC885OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1035INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:32 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SFwxf7zhjy%2FVGkmU7SjFE2bPY3Qjj1WJvP1jeURULjFqKvgyXEXzt%2BEMe%2B8DR1FrDVVFOkr0fFRFbLKNGg58yl6DNWwKuAp5A7WpXNCw0phPfwl3JheS678u7E%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbaeda48199d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC334INData Raw: 37 62 61 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba9<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20
                                                                                                                                                                                                                                        Data Ascii: rt" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots"
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f
                                                                                                                                                                                                                                        Data Ascii: y === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ?
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72
                                                                                                                                                                                                                                        Data Ascii: sightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {par
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: ://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09
                                                                                                                                                                                                                                        Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a
                                                                                                                                                                                                                                        Data Ascii: y(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70
                                                                                                                                                                                                                                        Data Ascii: {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (p
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35
                                                                                                                                                                                                                                        Data Ascii: )}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        77192.168.2.44982518.164.116.334437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC622OUTGET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1
                                                                                                                                                                                                                                        Host: js.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC697INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 526
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Last-Modified: Thu, 25 Apr 2024 20:09:42 GMT
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Server: Cloudfront
                                                                                                                                                                                                                                        Date: Fri, 26 Apr 2024 23:43:45 GMT
                                                                                                                                                                                                                                        Cache-Control: max-age=31536000
                                                                                                                                                                                                                                        Etag: "d96c709017743c0759cf3853d1806ba5"
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        Via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                        Age: 3353
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Timing-Allow-Origin: *
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                        X-Amz-Cf-Pop: JFK50-P6
                                                                                                                                                                                                                                        X-Amz-Cf-Id: DCDUTQxOeo1Cvq6P_ZrvZ4FlRnVWJR-6Zqb0njq2f-qNZ7idLEqASQ==
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC526INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 22 68 74 74 70 73 3a 2f 2f 6d 2e 73 74 72 69 70 65 2e 6e 65 74 77 6f 72 6b 22 2c 6e 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2c 74 3d 2f 70 72 65 76 69 65 77 3d 74 72 75 65 2f 2e 74 65 73 74 28 6e 29 3f 22 69 6e 6e 65 72 2d 70 72 65 76 69 65 77 2e 68 74 6d 6c 22 3a 22 69 6e 6e 65 72 2e 68 74 6d 6c 22 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 3b 6f 2e 73 72 63 3d 22 22 2e 63 6f 6e 63 61 74 28 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 74 29 2e 63 6f 6e 63 61 74 28 6e 29 3b 76 61 72 20 69 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 69 66 28 6e 2e 6f 72 69 67 69 6e 3d 3d 3d 65 29 7b 76 61
                                                                                                                                                                                                                                        Data Ascii: !function(){"use strict";var e="https://m.stripe.network",n=window.location.hash,t=/preview=true/.test(n)?"inner-preview.html":"inner.html",o=document.createElement("iframe");o.src="".concat(e,"/").concat(t).concat(n);var i=function(n){if(n.origin===e){va


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        78192.168.2.449826104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC562OUTGET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC893INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:32 GMT
                                                                                                                                                                                                                                        Content-Type: image/png
                                                                                                                                                                                                                                        Content-Length: 12720
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: origSize=15142
                                                                                                                                                                                                                                        ETag: "fdfc6-3b26-5b48c89c94beb"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 01:35:32 GMT
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Nov 2020 16:43:03 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Vary: Accept
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6lNGrtKqyqWcUdsEDvUEcKoNnpvI95qy%2F%2FBQU5j4og0kiGCeOG5OWJhhl9RRqLzse1jYon159j%2FklL41u0sWW50m15vipUQYErxaAzRbJYnuTm3daWv7fg4wyY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbb15dac8c72-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC476INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 2c 00 00 01 05 08 04 00 00 00 f3 d7 12 00 00 00 31 77 49 44 41 54 78 da ec d2 3d 4b 9b 51 1c 86 f1 93 2b 24 be b4 19 0a 4f b0 e0 60 db 41 3a 38 28 0e 05 d1 6e ed de 42 5d 1c 14 dd 52 70 e8 57 08 e9 07 70 e9 26 52 bf 80 20 b4 1d 2a b6 42 e8 20 74 2b 3a 66 70 0b 18 43 b1 48 cc 93 7f 41 c2 a1 1e 4e 8b 50 50 62 ee df 35 de eb ed 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 7a 00 50 20 e7 fe 81 1c f7 c0 89 5c 1d 23 94 a9 b2 c9 2c d9 e8 9e 65 96 4d f6 29 33 e2 44 ae 7c ab 2d da 18 c6 11 2b e4 5d 80 3c 2b 1c 61 18 6d b6 74 2d f1 c8 32 ce 24 85 e8 36 cc 1a 6d ac 5b 93 55 f2 c1 ad 56 69 fa bd cd 1a c3 2e 82 02 93 8c 93 75 d2 2f c8 51 a2 46 9d 1d 16 c2
                                                                                                                                                                                                                                        Data Ascii: PNGIHDR,1wIDATx=KQ+$O`A:8(nB]RpWp&R *B t+:fpCHANPPb5DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDzP \#,eM)3D|-+]<+amt-2$6m[UVi.u/QF
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: a4 ac 33 e4 a4 37 30 c3 31 e6 fb c5 37 de 30 4d 91 69 be d0 c1 6e a0 0e bf d9 b5 63 90 36 a2 38 8e e3 e7 2f 8d 24 21 55 68 09 81 10 74 72 52 70 88 ed d0 2e 2e 9a b5 0e 82 a5 cd a0 b8 15 11 3a 9a a9 c5 ba e9 e4 a4 a8 9b d0 55 85 22 28 06 41 0b 25 5d 84 22 11 1c 74 08 a6 70 42 68 93 98 42 fc b6 94 92 21 5c 4d 4c eb 79 c2 7d be db 9b ff f0 ee bd 77 29 3d 52 58 31 bd d6 47 15 45 b5 73 3d 31 5c 77 81 a4 59 8b 8f 6b 53 07 ca 36 33 56 01 82 35 05 9a 1b ad 9c be c8 b4 38 1c cc ba 2f 8e 77 82 1e 28 2d 9a cb 47 3b 1d c4 e8 27 c1 04 f3 2c b0 c8 26 bb 35 6d b2 c8 02 f3 4c 90 a0 9f 18 1d b4 e3 43 cd f6 59 0f 0d 97 f3 e9 b1 ce c5 75 f2 13 a5 8f 04 49 d6 d8 e7 18 93 02 15 1a 51 a1 80 c9 31 fb ac 91 24 41 1f 51 fc e8 7a e5 f5 d4 70 39 9d 5a 34 d5 e8 86 17 a4 8b 38 d3 ac
                                                                                                                                                                                                                                        Data Ascii: 370170Minc68/$!UhtrRp..:U"(A%]"tpBhB!\MLy}w)=RX1GEs=1\wYkS63V58/w(-G;',&5mLCYuIQ1$AQzp9Z48
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 10 5f 8a b1 e6 0a 32 11 fd 38 82 3d 87 e9 83 bb b1 36 d2 01 91 c7 14 2e 21 1b 91 c7 af 28 c1 ca 01 c6 13 a0 3d 13 d9 e6 ba 72 05 59 40 47 cf 58 cd 8d da 6a b3 b0 aa 80 df 10 4a 39 5c 6f c3 20 b2 11 b9 dc ca fb 5c 81 c8 8e d9 f0 b6 93 87 e8 c2 5b 84 28 65 27 ab f9 35 35 60 52 c9 30 57 63 45 f9 29 42 5c 46 25 25 cc 27 17 71 39 c7 88 67 27 17 9b a9 d8 41 1c c1 8d 10 bf a1 00 35 d6 66 b5 f5 79 34 0d 9d a9 fd 22 5e 7d f9 33 11 92 c6 0c d7 fd cc e0 56 72 10 19 5c c3 7d e4 20 ae a4 c2 dc 30 cf 43 04 b8 8e f1 0c a1 0b d9 f4 8c db c2 82 8c 74 8d b1 2a 18 8e 10 f3 00 28 63 28 22 9b 3f 5a 6c 35 04 e1 67 10 ed 10 c3 a9 c0 9d 08 7f a6 2f b2 6a bf ce f4 79 34 0d 5d ab 1a 11 ab 0b d8 42 94 94 30 c3 f5 3e ec 60 21 f9 88 00 e7 d0 0d d1 9e 17 cc 75 61 3c 8a 51 80 02 de 04
                                                                                                                                                                                                                                        Data Ascii: _28=6.!(=rY@GXjJ9\o \[(e'55`R0WcE)B\F%%'q9g'A5fy4"^}3Vr\} 0Ct*(c("?Zl5g/jy4]B0>`!ua<Q
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: 98 c4 44 8c 0e fc db 09 e3 44 84 0f 28 c3 9e 12 c6 a0 58 15 6b aa f2 5b 79 49 5a 01 75 d1 50 4d d1 23 da 1d 5f 70 ee c5 9b 2e cd 29 7e fc 88 4c 46 b1 89 30 18 44 38 c8 d3 cc 61 16 cb d8 4d 1d 4e 94 f0 24 43 c8 40 9f b1 32 18 cc 12 3e 26 8a 33 7f a1 3d a2 27 3b b0 27 c4 4a fa 33 97 10 f6 bc 49 1f 6b 61 7a b7 1e d1 14 0d 55 f7 56 98 7a 50 3b 5d ad e5 da a5 72 45 44 bc 72 58 4c 04 27 6a 99 4d 06 59 0c 24 cf e8 4f 98 4f 19 16 5c 42 e7 e1 64 a3 53 a4 2c 2e 64 39 e5 38 11 e4 16 02 88 51 bc 6d 63 c0 4f b8 8b 4e 88 4e 3c e7 60 cf 08 4f da e5 b4 22 2a d7 1e 2d d7 55 ad aa 81 59 6d b4 40 41 61 af eb 28 27 11 c5 0c 45 f4 e1 a7 c6 67 35 9b eb d8 45 24 c9 43 ec 5f 23 07 9d 62 e5 f0 b5 04 03 00 0e 33 9e 00 a2 2f 0b 28 b7 34 02 5d 43 26 42 14 f0 5b a2 d8 53 c5 44 e4 a4
                                                                                                                                                                                                                                        Data Ascii: DD(Xk[yIZuPM#_p.)~LF0D8aMN$C@2>&3=';'J3IkazUVzP;]rEDrXL'jMY$OO\BdS,.d98QmcONN<`O"*-UYm@Aa('Eg5E$C_#b3/(4]C&B[SD
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: ee 61 34 4a b0 b6 95 50 0d 6c a3 43 0a 29 d3 49 94 63 25 c4 53 1c 22 65 8c 79 85 16 d5 69 af 7e a4 42 df e9 87 be a8 37 14 11 8d 35 8c 13 a4 4e 84 08 80 5d e7 7b d2 ea cd 4e 9e 62 2c 43 59 c8 3e be 86 6c 95 6d b1 6a c0 b1 e0 3b 91 0f 58 c8 50 c6 f2 14 db e9 99 52 a1 67 21 61 ac 84 89 92 3a 27 18 86 ec 14 d1 1b fa a2 ef f4 42 99 5a e9 f4 69 5d 40 73 b1 9e 1e 28 05 75 65 88 61 92 0c fa d2 07 9d a4 fa 98 ad d1 d9 0c 4e b1 aa d8 83 f5 34 17 0b 9c 57 ed 95 a7 d9 b5 03 ca d1 46 a7 fe ab 7d 34 0f 87 b9 04 a5 b1 2e e1 30 cd c3 3e e7 d5 72 e3 69 d6 51 2a 69 89 b0 d3 14 ea 68 0e c2 dc 49 a0 85 5a 26 39 05 b8 93 30 cd 41 1d 53 90 bd 96 9c 76 21 bc 46 aa cc 2e 7e 79 96 e6 61 03 f9 2d d4 30 c9 2b 9f 0d 34 0f cf da c7 81 65 69 7d ee 50 ed d5 d3 46 e7 e8 05 bb 7c f5 56
                                                                                                                                                                                                                                        Data Ascii: a4JPlC)Ic%S"eyi~B75N]{Nb,CY>lmj;XPRg!a:'BZi]@s(ueaN4WF}4.0>riQ*ihIZ&90ASv!F.~ya-0+4ei}PF|V
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: a6 64 2c f7 cb bd b3 79 12 2b af c4 6d 5e 5f e5 b5 98 8c 96 5d db e3 8b 71 e6 09 f0 53 22 0e eb 55 6f de 8b bd db d0 d4 4f 4f a6 a7 e1 97 69 d5 d3 60 87 46 a9 32 d1 3c 99 28 fb d9 c0 32 66 31 9e f1 3c 49 28 81 b1 b2 59 6d b3 c6 5d 40 09 f1 dc 6d 99 01 73 e2 a4 8c 05 75 fc 90 00 4a 60 94 28 b7 c5 ad 31 0f 51 cd 55 c8 54 e3 b6 c7 5a 6e b6 4c c9 fa 10 00 78 8b fc b8 bc d4 fd 44 6c 8d 35 91 da a6 f6 34 54 6a 94 2f dd 69 e8 73 e0 5b d4 e3 46 c8 34 95 d3 56 98 cf 1e 20 c2 64 cb 74 2d eb 6b af 26 1b 99 3a 83 f7 4f d2 58 b0 8f b3 50 02 a3 7c c4 f9 c8 54 0f 76 03 0f c5 c4 81 66 db a3 e3 0d 38 19 3c 40 14 a8 63 26 8a d1 97 f9 c8 5c c9 ae b0 3c 6d 3e 40 79 d3 7a 1a b6 2a cf 97 fe e8 27 8a 0e e0 08 a9 13 e6 d9 b8 0d 63 1c d5 40 39 5f 46 31 9a 87 95 77 e3 42 e7 5c 5e
                                                                                                                                                                                                                                        Data Ascii: d,y+m^_]qS"UoOOi`F2<(2f1<I(Ym]@msuJ`(1QUTZnLxDl54Tj/is[F4V dt-k&:OXP|Tvf8<@c&\<m>@yz*'c@9_F1wB\^
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: a5 fb f5 b2 f9 06 9b 29 a5 9a 62 96 d3 df e1 1e 8b d7 e9 66 69 16 de 4e 90 3a 3e e4 d6 b8 f5 21 c0 bd 44 53 3b 4c 61 6a 31 93 b1 9e b2 16 01 be 43 d0 e6 23 21 a6 10 c6 9e 0f e8 89 2c e5 e8 d4 8d 55 ce 75 c8 54 27 26 b0 8c 0d 6c 62 03 0f 71 31 81 b8 b2 d2 13 38 61 e6 de c2 fa 8e 2f 3d 51 8e 5e 32 7a 93 12 f2 0a d6 6a 59 27 86 30 82 b3 c9 46 0e 07 23 ea b8 c3 92 bb c9 67 34 d7 73 36 59 d6 94 6a b3 1e ff 0a 30 9e 23 96 d2 b3 eb 96 6b a6 49 9d cb d1 ee c6 8a b2 dc 88 36 ad 9b af d9 d8 6d ea cb 1c 05 70 fb 79 5e 4a d3 0b 9b 34 50 1f b9 7c 76 0c 93 dc 4d 26 72 55 27 fe 08 26 87 19 81 fb 13 d8 d3 44 9b d1 58 d9 dc c4 11 bb 9e 51 d7 db e6 9f 20 0b 59 fa 49 53 33 56 b9 79 58 23 e9 63 ba 6e 3f cf 71 0d f1 a5 23 ba 53 d1 7e 14 e1 ce 27 4c 24 e0 6a 92 5f 11 22 96 37
                                                                                                                                                                                                                                        Data Ascii: )bfiN:>!DS;Laj1C#!,UuT'&lbq18a/=Q^2zjY'0F#g4s6Yj0#kI6mpy^J4P|vM&rU'&DXQ YIS3VyX#cn?q#S~'L$j_"7
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: d7 6c 62 2d 37 d3 01 d1 89 3f 10 c5 4a 84 15 74 43 b8 ab 0b 5b c0 e0 63 ce 47 16 05 98 44 19 76 94 31 c9 66 cb 3d 9f 8f c1 60 0b 5d 92 3c ad b8 82 08 8d 79 93 5e 88 5e ec 32 52 29 67 f2 20 41 dc 08 33 0b 7f 6c 54 b5 5c f9 be d6 85 be a8 e3 96 ab 20 1d 88 72 2f 01 44 36 b7 72 dc cc 5a 2d a3 13 62 10 45 34 a6 9e a5 74 44 76 72 3c 66 75 84 7e 49 df a8 5a c1 f7 6c 57 a3 7e 1c 49 f1 cc 62 47 96 52 6f 1b 4f 8e 46 64 f2 00 11 a2 fc 96 0e 88 2b 28 c5 82 db 9d 3f c7 d3 f4 3a f1 93 41 85 2a 4a 7c 7d 2d 96 cb 89 26 50 06 26 21 7e 4a 06 19 2c c4 8e 10 bf c2 dd 5a dd 79 97 32 56 b1 9c c3 54 73 b9 c3 86 79 1b 95 c4 52 c9 6d 0e 9b dc e5 54 73 98 65 ac a4 c4 bc cf c7 59 ce 9b 79 1d 77 91 81 c8 66 0e 25 bc 4d 7f 44 0f 36 01 b0 87 df 50 8e 3d 61 e3 96 44 53 45 2a f4 b5 36
                                                                                                                                                                                                                                        Data Ascii: lb-7?JtC[cGDv1f=`]<y^^2R)g A3lT\ r/D6rZ-bE4tDvr<fu~IZlW~IbGRoOFd+(?:A*J|}-&P&!~J,Zy2VTsyRmTseYywf%MD6P=aDSE*6
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1369INData Raw: cc 47 f2 05 e4 22 02 4c e0 28 a9 52 c9 1e 56 33 97 f1 0c a4 3b 39 c8 45 39 74 67 20 e3 99 cb 6a f6 50 49 32 d4 f1 32 5f 23 17 71 29 a5 60 52 c6 14 32 11 01 be 4e 49 43 08 2f 32 b9 91 c3 2e 8f 2c 71 aa d7 0d 3e 8f 78 34 4b d1 c6 01 f0 5c 42 38 73 98 3e 88 0e bc 66 66 a0 7f 47 67 a3 be 57 44 d3 09 71 8c 77 59 c7 63 cc 63 1a e3 19 69 d1 78 a6 31 8f c7 58 c7 bb 1c 23 94 d2 ed cd 77 18 c5 a5 3c 6e a7 cc 92 02 9d 40 00 91 c5 38 23 84 9f c2 71 ec 09 31 d7 fe c1 63 b6 cf c3 d2 9f f5 6b fb 66 b8 25 84 b1 60 b9 4b b5 0d cf 5a 9a 64 2e 60 37 76 d4 37 d1 66 41 8b 42 34 85 2a 9e 62 20 01 84 9f cb 79 91 5a a7 44 a9 d9 14 5d 86 3d 11 7e 43 27 64 a7 df a5 f5 80 8f e6 47 ed b5 45 d8 29 9f 3f 11 c1 89 65 e4 20 be c8 6a f6 f1 90 11 c8 9f c1 06 ec d8 c9 14 56 52 c6 bf 82 30
                                                                                                                                                                                                                                        Data Ascii: G"L(RV3;9E9tg jPI22_#q)`R2NIC/2.,q>x4K\B8s>ffGgWDqwYccix1X#w<n@8#q1ckf%`KZd.`7v7fAB4*b yZD]=~C'dGE)?e jVR0
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC1292INData Raw: 9c 20 b0 81 b6 88 81 1c c3 ca 21 7a 21 44 0e b9 b4 c5 8f c8 b0 d9 0c 8b e9 8b e8 ca 4e 00 42 ac a4 80 2c 7a 32 87 20 16 dc 06 ae 59 55 6f 39 39 5e a1 1b 7d 1e 4d 47 99 ba 56 8f e8 65 3d ad 45 9a a9 a9 ba 4a 37 e8 1e 7d 68 73 c3 84 b1 6e a5 46 94 a9 18 35 3d 73 20 6d 21 45 58 30 0a 34 01 72 1b 94 6d 3c 39 d6 10 4f 98 29 71 cf 81 11 b6 f0 07 f6 13 22 19 a2 ec 66 32 b9 76 ad 30 f7 e8 06 5d a5 a9 9a a9 45 7a 5a af 68 b9 ae 55 a6 cf e3 a4 4b 3b 6d a4 b8 7f 5f af 2a 61 55 5f 1e e0 23 52 23 c8 b7 e9 4a 5b 9e 02 60 3b 79 0e c6 9a 6b f4 23 bc ca 26 36 f1 63 32 8c 0c 95 5d fe 3d c0 37 a8 23 55 3e e2 01 fa da 77 2c 5c 1f 5b ba 91 d4 c6 ab 0b 7e 46 a8 83 b6 da 1f 69 bf 94 d5 04 b1 e0 b2 39 ee e2 45 8e 18 1b 5e a1 ad b1 2a b9 0c e1 67 99 99 08 e8 85 08 b0 10 2b fb 99
                                                                                                                                                                                                                                        Data Ascii: !z!DNB,z2 YUo99^}MGVe=EJ7}hsnF5=s m!EX04rm<9O)q"f2v0]EzZhUK;m_*aU_#R#J[`;yk#&6c2]=7#U>w,\[~Fi9E^*g+


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        79192.168.2.449830151.101.192.1764437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:32 UTC686OUTGET /inner.html HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.network
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                        Referer: https://js.stripe.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC1039INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Length: 930
                                                                                                                                                                                                                                        Cache-Control: max-age=300, public
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                                        strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        server: Fastly
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Age: 0
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:33 GMT
                                                                                                                                                                                                                                        Via: 1.1 varnish
                                                                                                                                                                                                                                        X-Request-ID: be57a33d-7d2e-4683-a670-36a5b3c61deb
                                                                                                                                                                                                                                        X-Served-By: cache-ewr18169-EWR
                                                                                                                                                                                                                                        X-Cache: MISS
                                                                                                                                                                                                                                        X-Cache-Hits: 0
                                                                                                                                                                                                                                        X-Timer: S1714178133.012583,VS0,VE388
                                                                                                                                                                                                                                        Vary: Accept-Encoding, Origin
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC930INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 74 69 74 6c 65 3e 53 74 72 69 70 65 4d 2d 49 6e 6e 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 3e 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 65 2e 64 65 66 65 72 3d 21 30 2c 65 2e 73 72 63 3d 22 6f 75 74 2d 34 2e 35 2e 34 33 2e 6a 73 22 2c 65 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3b 77 69 6e 64 6f 77 2e 53 74 72 69 70 65 4d 26 26 28 65 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2c 2f 70 69 6e 67 3d 66
                                                                                                                                                                                                                                        Data Ascii: <!doctype html><html><head><meta charset="utf-8"><title>StripeM-Inner</title></head><body><script>!function(){var e=document.createElement("script");e.defer=!0,e.src="out-4.5.43.js",e.onload=function(){var e;window.StripeM&&(e=window.location.hash,/ping=f


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        80192.168.2.449831104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC773OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:33 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:33 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPmIxs8jNK%2FgJB%2Fr413xPCRVZvIVeFeDfqviiVgA0N5TRIGuBF8qJIGY1iaWIHocBdyCCo2iwwRb0slddmqnMCOWBzbIfY2ECOXZghBGElPF4FG4gYAHwmnpBgg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbb5aac90f9c-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC549INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC1369INData Raw: 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20
                                                                                                                                                                                                                                        Data Ascii: fault .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC1369INData Raw: 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61
                                                                                                                                                                                                                                        Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC584INData Raw: 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e
                                                                                                                                                                                                                                        Data Ascii: olor: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        81192.168.2.449833104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC904OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC1022INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:33 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INbfn0EYR4%2BfILW7Xt2QaHsHdAY5ekebKfUqHOVkME9oA1%2BvRrB0%2BrnVz7yYl3WOrtifdKwc%2BIpU0D%2BsebIYUldPrMeXYGKaAVXIr%2F1IzRwdsdYlpdpFHZHLEOo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbb5fe180f8d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        82192.168.2.449834216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1337 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:33 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        83192.168.2.449835192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4629&rand=0.3235756268755505 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:33 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:33 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        84192.168.2.449836151.101.192.1764437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:34 UTC540OUTGET /out-4.5.43.js HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.network
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/inner.html
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC537INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Length: 88751
                                                                                                                                                                                                                                        Cache-Control: max-age=300, public
                                                                                                                                                                                                                                        Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                        strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        server: Fastly
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Age: 0
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:35 GMT
                                                                                                                                                                                                                                        Via: 1.1 varnish
                                                                                                                                                                                                                                        X-Request-ID: d2f086bc-16fb-4c57-ae72-091444e44788
                                                                                                                                                                                                                                        X-Served-By: cache-lga21929-LGA
                                                                                                                                                                                                                                        X-Cache: MISS
                                                                                                                                                                                                                                        X-Cache-Hits: 0
                                                                                                                                                                                                                                        X-Timer: S1714178135.894748,VS0,VE111
                                                                                                                                                                                                                                        Vary: Accept-Encoding, Origin
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC16384INData Raw: 76 61 72 20 53 74 72 69 70 65 4d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 5f 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 5f 2e 65 78 70 6f 72 74 73 2c 5f 2c 5f 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 5f 2e 6c 3d 21 30 2c 5f 2e 65 78 70 6f 72 74 73 7d 72 65 74 75 72 6e 20 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 6e 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21
                                                                                                                                                                                                                                        Data Ascii: var StripeM=function(e){var t={};function n(r){if(t[r])return t[r].exports;var _=t[r]={i:r,l:!1,exports:{}};return e[r].call(_.exports,_,_.exports,n),_.l=!0,_.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC16384INData Raw: 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 29 72 65 74 75 72 6e 20 68 28 65 29 7d 28 65 29 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 6e 75 6c 6c 21 3d 65 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 7c 7c 6e 75 6c 6c 21 3d 65 5b 22 40 40 69 74 65 72 61 74 6f 72 22 5d 29 72 65 74 75 72 6e 20 41 72 72 61 79 2e 66 72 6f 6d 28 65 29 7d 28 65 29 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 21 65 29 72 65 74 75 72 6e 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 72 65 74 75 72 6e 20 68 28 65 2c 74 29 3b 76 61 72 20 6e 3d 4f 62 6a 65 63 74 2e 70 72
                                                                                                                                                                                                                                        Data Ascii: (e){return function(e){if(Array.isArray(e))return h(e)}(e)||function(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(e)||function(e,t){if(!e)return;if("string"==typeof e)return h(e,t);var n=Object.pr
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC16384INData Raw: 7b 74 2e 70 6f 73 74 4d 65 73 73 61 67 65 28 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 7b 6f 72 69 67 69 6e 61 74 69 6e 67 53 63 72 69 70 74 3a 22 6d 22 2c 70 61 79 6c 6f 61 64 3a 65 7d 29 2c 22 2a 22 29 7d 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 62 74 6f 61 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 7d 2c 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 26 26 76 6f 69 64 20 30
                                                                                                                                                                                                                                        Data Ascii: {t.postMessage(JSON.stringify({originatingScript:"m",payload:e}),"*")}}catch(e){}},f=function(){return window.btoa||function(e){return e}},s=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:function(){},n=arguments.length>2&&void 0
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC16384INData Raw: 6e 63 74 69 6f 6e 28 74 29 7b 6e 5b 74 5d 3d 65 5b 74 5d 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 62 28 65 29 7d 29 29 7d 29 3a 28 6e 5b 65 5d 3d 76 6f 69 64 20 30 3d 3d 3d 74 3f 45 3a 74 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 62 28 65 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 65 29 7b 76 61 72 20 74 3d 79 28 29 3b 64 65 6c 65 74 65 20 74 5b 65 5d 2c 30 3d 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 6c 65 6e 67 74 68 26 26 64 65 6c 65 74 65 20 6c 28 29 5b 73 5d 7d 66 75 6e 63 74 69 6f 6e 20 52 28 65 29 7b 76 61 72 20 74 3d 79 28 29 2c 6e 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2c 72 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 5f 28 29 7b 6e
                                                                                                                                                                                                                                        Data Ascii: nction(t){n[t]=e[t]})),function(){Object.keys(e).forEach((function(t){b(e)}))}):(n[e]=void 0===t?E:t,function(){b(e)})}function b(e){var t=y();delete t[e],0==Object.keys(t).length&&delete l()[s]}function R(e){var t=y(),n=Object.keys(e),r={};function _(){n
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC16384INData Raw: 65 6e 64 65 6e 63 79 5f 5f 22 2c 62 29 2c 4c 28 22 5f 5f 52 65 77 69 72 65 5f 5f 22 2c 52 29 2c 4c 28 22 5f 5f 73 65 74 5f 5f 22 2c 52 29 2c 4c 28 22 5f 5f 72 65 73 65 74 5f 5f 22 2c 70 29 2c 4c 28 22 5f 5f 52 65 73 65 74 44 65 70 65 6e 64 65 6e 63 79 5f 5f 22 2c 70 29 2c 4c 28 22 5f 5f 77 69 74 68 5f 5f 22 2c 6d 29 2c 4c 28 22 5f 5f 52 65 77 69 72 65 41 50 49 5f 5f 22 2c 64 29 29 7d 29 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 28 33 29 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 72 3d 6e 28 32 29 2c 5f 3d 6e 28 31 29 2c 6f 3d 6e 28 30 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 65 29 7b 72 65 74 75 72 6e 20 69 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f
                                                                                                                                                                                                                                        Data Ascii: endency__",b),L("__Rewire__",R),L("__set__",R),L("__reset__",p),L("__ResetDependency__",p),L("__with__",m),L("__RewireAPI__",d))}).call(this,n(3))},function(e,t,n){"use strict";(function(e){var r=n(2),_=n(1),o=n(0);function i(e){return i="function"==typeo
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC6831INData Raw: 70 52 65 71 75 65 73 74 29 3b 74 72 79 7b 5f 2e 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3d 21 30 7d 63 61 74 63 68 28 65 29 7b 7d 76 61 72 20 6f 3b 6f 3d 22 68 74 74 70 73 3a 2f 2f 6d 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 22 2b 74 3b 76 61 72 20 69 3d 73 65 74 54 69 6d 65 6f 75 74 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 28 29 7d 29 2c 32 65 33 29 3b 5f 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 5f 2e 72 65 61 64 79 53 74 61 74 65 3d 3d 3d 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 2e 44 4f 4e 45 26 26 68 28 22 77 69 6e 22 29 2e 53 74 72 69 70 65 4d 29 7b 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 69 29 3b 76 61 72 20 65 3d 5f 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 3b 32 30 30 3d 3d 3d 5f 2e 73 74
                                                                                                                                                                                                                                        Data Ascii: pRequest);try{_.withCredentials=!0}catch(e){}var o;o="https://m.stripe.com/"+t;var i=setTimeout((function(){r()}),2e3);_.onreadystatechange=function(){if(_.readyState===XMLHttpRequest.DONE&&h("win").StripeM){clearTimeout(i);var e=_.responseText;200===_.st


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        85192.168.2.449832104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:34 UTC813OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178132 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178127.52.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:34 UTC745INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:34 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VfQHdAwy%2BiAaS%2BugLrPnWD5V9n2xEaa5PDkvgtjyJfGfOH%2B4xuv3ilcF3dVq0uJ%2BgYS17jJN42JuJ8Dq7JK16rk4eLfDLiwiYMEpit7sJS3r0XGRUOTr2VDvzw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbbf181a0f51-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        86192.168.2.449838216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=3152 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:35 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        87192.168.2.449839216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC1693OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:35 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        88192.168.2.449840192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:35 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        89192.168.2.449841216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC1246OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178118368&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3450&tfd=19280 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        90192.168.2.449842216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:35 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178124162&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=11795 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        91192.168.2.449843104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC536OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MuDFHe2VaGy17ECgIvgLKe2zamP%2BOal0GCKCJQOkBt2MmOtXFX83%2FlfchwU7xclwp%2BAyFvslIdL6MOVnAYOQWq6TLZfZ%2BITnm6rAlcVtnKb2Y1mALDfBxWLOIY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbc7ee238c06-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        92192.168.2.449844192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC687OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        93192.168.2.449845192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3385&rand=0.4022322553563107 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        94192.168.2.449846104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC827OUTGET /wp-content/uploads/favicon.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC883INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Content-Type: image/png
                                                                                                                                                                                                                                        Content-Length: 6966
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: status=cannot_optimize
                                                                                                                                                                                                                                        ETag: "fcd5a-1b36-532ec351dea6e"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 00:53:46 GMT
                                                                                                                                                                                                                                        Last-Modified: Mon, 16 May 2016 02:16:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 2510
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3zWUuZ3rRjam1KsXo1Tf3GuCpIIOmNA0XcZIElA1Rxxkj3TyDJViYyJFzTLGVcHw6PaBjDnQQ5818fx5HqWxFLqBD76t1RqbTifdSUh4JpG95DBri2R55VUTSU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbc9ae1c43f7-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC486INData Raw: 42 4d 36 1b 00 00 00 00 00 00 36 00 00 00 28 00 00 00 30 00 00 00 30 00 00 00 01 00 18 00 00 00 00 00 00 1b 00 00 e9 24 00 00 e9 24 00 00 00 00 00 00 00 00 00 00 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fb fe fd ec f9 f4 d3 f0 e5 bf e9 d8 b1 e4 cf ac e2 cc ad e3 cd b5 e6 d2 c8 ed df e0 f5 ee f7 fd fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd ff fe dd f4 ec a6 e0 c8
                                                                                                                                                                                                                                        Data Ascii: BM66(00$$
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1369INData Raw: fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff e2 f6 ef 81 d2 af 41 b8 7c 3d b2 6b 3d af 62 3e ad 5b 3e ab 56 3e aa 52 3e aa 51 3e aa 50 3f aa 4e 3f aa 4d 3f a9 4c 3f a9 4b 3f a9 4b 3f a9 4d 3f aa 4f 3e aa 51 3e aa 52 3e ac 56 3e ae 5e 3d b0 67 3c b4 73 3f ba 83 98 dc c2 fa fe fd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fd fc 9e dd c3 43 b9 7e 3d b1 6a 3d ae 60 3e ac 5a 3e ac 59 3e ac 55 3e ab 54 3e aa 52 3e aa 51 3e aa 51 3e aa 51 3e aa 50 3e aa 50 3f aa 4f 3f aa 4e 3e aa 50 3e aa 51 3e aa 51 3e aa 51 3e ab 54 3e ac 58 3e ad 5c 3d af 63 3d b3 6e 3b b7 7c
                                                                                                                                                                                                                                        Data Ascii: A|=k=b>[>V>R>Q>P?N?M?L?K?K?M?O>Q>R>V>^=g<s?C~=j=`>Z>Y>U>T>R>Q>Q>Q>P>P?O?N>P>Q>Q>Q>T>X>\=c=n;|
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 89 cb 94 3e aa 51 3e ab 54 3e ac 57 3e ac 59 3e ae 5d 3d af 62 3d b1 67 3d b2 6c 3c b3 70 3c b6 77 3a ba 83 b9 e7 d6 fe ff ff fe ff ff e3 e4 e4 02 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 87 ca 92 3e aa 51 3e ab 53 3e ac 56 3e ad 5a 3d ae 60 3d b0 64 3d b1 68 3d
                                                                                                                                                                                                                                        Data Ascii: >Q>T>W>Y>]=b=g=l<p<w:>Q>S>V>Z=`=d=h=
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1369INData Raw: ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe 96 d4 ab 3e b0 66 3d b1 69 3d b2 6d 3d b3 70 3c b5 73 3c b5 76 3c b6 79 3c b7 7c 3b b9 80 3b b9 81 3a ba 85 3a bb 87 3a bc 89 3d be 8d 88 d7 bb e7 f7 f2 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe e3 e4 e4 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e0 e2 e1 88 be 9d 36 9d 5e 36 9e 61 36 9f 64 35 a1 67 36 a3 6a 37 a6 6e 38 ab 73 39 b1 79 3a b5 7e 3a b8 80 3a ba 84 3a bb 87 3a bc 89 3a bd 8b 43 c0 91 90 da bf eb f9 f4 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff
                                                                                                                                                                                                                                        Data Ascii: >f=i=m=p<s<v<y<|;;:::=6^6a6d5g6j7n8s9y:~:::::C
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 17 44 33 b9 e7 d4 63 b9 6d 7e c6 87 c6 e8 d3 50 c5 9a 53 c6 9b f6 fc fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f2 f3 f3 57 58 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 01 67 9b 88 c0 ea db 9e df c7 5a c8 9f 3e be 8f 3a bd 8c 3a bd 8c a9 e3 cd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66 67 67 c5 c6 c6 c5 c6 c6 c5 c6 c6 c5 c6 c6 c5 c6 c6
                                                                                                                                                                                                                                        Data Ascii: D3cm~PSWXXgZ>::fgg
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC1004INData Raw: fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 90 91 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 02 02 d6 d7 d7 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 7f d4 b5 8c d9 bc f4 fb f6 ef f8 f2 fd ff fe fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75 75 75 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 df df df dc dd dd d1 d2 d2 b1 b2 b2 61 61 61 04 04 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 21 21 f7 f8 f8 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fc fe fe dd f4 ec c1 eb dc f1 fb f8 fe ff ff fe
                                                                                                                                                                                                                                        Data Ascii: uuuaaa !!


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        95192.168.2.449847192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC457OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5823933832413537 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:36 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        96192.168.2.449850104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:36 UTC543OUTGET /wp-content/uploads/favicon.png HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC891INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:37 GMT
                                                                                                                                                                                                                                        Content-Type: image/png
                                                                                                                                                                                                                                        Content-Length: 6966
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: max-age=3600
                                                                                                                                                                                                                                        Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                                        Cf-Polished: status=cannot_optimize
                                                                                                                                                                                                                                        ETag: "fcd5a-1b36-532ec351dea6e"
                                                                                                                                                                                                                                        Expires: Sat, 27 Apr 2024 00:53:46 GMT
                                                                                                                                                                                                                                        Last-Modified: Mon, 16 May 2016 02:16:08 GMT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 2511
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mh%2FfTIp0ZtqlriDmOreJRfBkW05msaWpQUZ8IFU7w7QpasR1RJp7ryC7B%2BH8TTqrtYfiSxk2U53OhzEG67Qi%2BFbd%2FRrBwtGqF15xCkQPtDSXMl2VjdRZJDsgKMw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbcd1938727d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC478INData Raw: 42 4d 36 1b 00 00 00 00 00 00 36 00 00 00 28 00 00 00 30 00 00 00 30 00 00 00 01 00 18 00 00 00 00 00 00 1b 00 00 e9 24 00 00 e9 24 00 00 00 00 00 00 00 00 00 00 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fb fe fd ec f9 f4 d3 f0 e5 bf e9 d8 b1 e4 cf ac e2 cc ad e3 cd b5 e6 d2 c8 ed df e0 f5 ee f7 fd fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd ff fe dd f4 ec a6 e0 c8
                                                                                                                                                                                                                                        Data Ascii: BM66(00$$
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC1369INData Raw: ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff e2 f6 ef 81 d2 af 41 b8 7c 3d b2 6b 3d af 62 3e ad 5b 3e ab 56 3e aa 52 3e aa 51 3e aa 50 3f aa 4e 3f aa 4d 3f a9 4c 3f a9 4b 3f a9 4b 3f a9 4d 3f aa 4f 3e aa 51 3e aa 52 3e ac 56 3e ae 5e 3d b0 67 3c b4 73 3f ba 83 98 dc c2 fa fe fd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fd fc 9e dd c3 43 b9 7e 3d b1 6a 3d ae 60 3e ac 5a 3e ac 59 3e ac 55 3e ab 54 3e aa 52 3e aa 51 3e aa 51 3e aa 51 3e aa 50 3e aa 50 3f aa 4f 3f aa 4e 3e aa 50 3e aa 51 3e aa 51 3e aa 51 3e ab 54 3e ac 58 3e ad 5c 3d
                                                                                                                                                                                                                                        Data Ascii: A|=k=b>[>V>R>Q>P?N?M?L?K?K?M?O>Q>R>V>^=g<s?C~=j=`>Z>Y>U>T>R>Q>Q>Q>P>P?O?N>P>Q>Q>Q>T>X>\=
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC1369INData Raw: 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 89 cb 94 3e aa 51 3e ab 54 3e ac 57 3e ac 59 3e ae 5d 3d af 62 3d b1 67 3d b2 6c 3c b3 70 3c b6 77 3a ba 83 b9 e7 d6 fe ff ff fe ff ff e3 e4 e4 02 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 87 ca 92 3e aa 51 3e ab 53 3e ac 56 3e ad 5a 3d ae
                                                                                                                                                                                                                                        Data Ascii: >Q>T>W>Y>]=b=g=l<p<w:>Q>S>V>Z=
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC1369INData Raw: fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe 96 d4 ab 3e b0 66 3d b1 69 3d b2 6d 3d b3 70 3c b5 73 3c b5 76 3c b6 79 3c b7 7c 3b b9 80 3b b9 81 3a ba 85 3a bb 87 3a bc 89 3d be 8d 88 d7 bb e7 f7 f2 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe e3 e4 e4 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e0 e2 e1 88 be 9d 36 9d 5e 36 9e 61 36 9f 64 35 a1 67 36 a3 6a 37 a6 6e 38 ab 73 39 b1 79 3a b5 7e 3a b8 80 3a ba 84 3a bb 87 3a bc 89 3a bd 8b 43 c0 91 90 da bf eb f9 f4 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff
                                                                                                                                                                                                                                        Data Ascii: >f=i=m=p<s<v<y<|;;:::=6^6a6d5g6j7n8s9y:~:::::C
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC1369INData Raw: 0b 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 44 33 b9 e7 d4 63 b9 6d 7e c6 87 c6 e8 d3 50 c5 9a 53 c6 9b f6 fc fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f2 f3 f3 57 58 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 01 67 9b 88 c0 ea db 9e df c7 5a c8 9f 3e be 8f 3a bd 8c 3a bd 8c a9 e3 cd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66 67 67 c5 c6 c6 c5 c6 c6 c5
                                                                                                                                                                                                                                        Data Ascii: D3cm~PSWXXgZ>::fgg
                                                                                                                                                                                                                                        2024-04-27 00:35:37 UTC1012INData Raw: ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 90 91 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 02 02 d6 d7 d7 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 7f d4 b5 8c d9 bc f4 fb f6 ef f8 f2 fd ff fe fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75 75 75 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 df df df dc dd dd d1 d2 d2 b1 b2 b2 61 61 61 04 04 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 21 21 f7 f8 f8 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fc fe fe dd f4 ec c1 eb
                                                                                                                                                                                                                                        Data Ascii: uuuaaa !!


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        97192.168.2.44985144.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3412
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC3412OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 32 4d 44 45 75 4d 53 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E2MDEuMSUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQ
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:39 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=9342d6d9-5943-4a67-a68c-b48667efebc2b3ce7f;Expires=Mon, 27-Apr-2026 00:35:39 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178139251625
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178139251274
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 39 33 34 32 64 36 64 39 2d 35 39 34 33 2d 34 61 36 37 2d 61 36 38 63 2d 62 34 38 36 36 37 65 66 65 62 63 32 62 33 63 65 37 66 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"9342d6d9-5943-4a67-a68c-b48667efebc2b3ce7f","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        98192.168.2.44985244.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3408
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC3408OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 7a 4e 6a 59 75 4e 53 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EzNjYuNSUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQ
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:39 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=b93551d9-6ce3-4e94-9b61-1076e6548d70c91ce2;Expires=Mon, 27-Apr-2026 00:35:39 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178139251146
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178139250739
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 30 37 34 32 39 33 63 32 2d 34 66 64 30 2d 34 64 38 64 2d 61 63 31 35 2d 64 34 65 31 35 38 37 65 35 31 31 36 34 38 32 38 39 61 22 2c 22 67 75 69 64 22 3a 22 62 39 33 35 35 31 64 39 2d 36 63 65 33 2d 34 65 39 34 2d 39 62 36 31 2d 31 30 37 36 65 36 35 34 38 64 37 30 63 39 31 63 65 32 22 2c 22 73 69 64 22 3a 22 61 30 64 39 38 37 65 65 2d 66 61 37 37 2d 34 62 36 36 2d 39 37 66 37 2d 63 62 61 34 37 30 63 31 32 31 37 34 38 38 37 39 39 33 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"074293c2-4fd0-4d8d-ac15-d4e1587e511648289a","guid":"b93551d9-6ce3-4e94-9b61-1076e6548d70c91ce2","sid":"a0d987ee-fa77-4b66-97f7-cba470c12174887993"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        99192.168.2.44985344.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3392
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:38 UTC3392OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 33 4e 6a 55 75 4f 53 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E3NjUuOSUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQ
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:39 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:39 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178139253768
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178139252986
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 31 61 38 39 33 63 61 66 2d 62 66 32 34 2d 34 33 32 65 2d 61 38 34 36 2d 63 32 38 66 61 33 62 35 66 30 33 34 34 36 66 32 38 36 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 61 66 65 36 32 65 31 34 2d 39 31 35 35 2d 34 62 61 31 2d 61 37 38 39 2d 36 30 66 39 33 34 38 62 34 36 35 35 34 31 66 63 31 33 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"1a893caf-bf24-432e-a846-c28fa3b5f03446f286","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"afe62e14-9155-4ba1-a789-60f9348b465541fc13"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        100192.168.2.449856104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC885OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:39 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itR7zcjseNV12OeLK5QcaoLamNHbR4L%2Fq%2F36qgisgfxsRQM1zgRFSgh9BFEzeSJMGdOCFfZGyxaB7RuaqoKS4ZW6KJQ9Ks7hMlmJ71cfECCKyaLPACsKe%2F%2F0gCo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbd9ac7e4308-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        101192.168.2.449855104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:39 UTC773OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:40 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce%2FSYFWXExvlJ8LLoN0Ts1wikso4m6YuCVTSsoD4UIz1x96nZl4xew8MME64znwSxUGltg1BRbpmXNAbXL%2BsvSDJHEX01NJAvv1sCow%2FQhkqUs4zeVMuiA860f4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbdefbc8c32c-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC547INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76
                                                                                                                                                                                                                                        Data Ascii: default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .activ
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                                        Data Ascii: 0;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC586INData Raw: 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c
                                                                                                                                                                                                                                        Data Ascii: -color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active,
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        102192.168.2.44985444.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 796
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:40 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178140465467
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178140465150
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        103192.168.2.449860104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC904OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7RmOU1G5%2BO87de7Sc93KoZpsC3bQOfQ2qJkoDeINuePtXlxmtdznoeCx3QHv5gIbUojEQjbMiEOyikkaQ%2FoDDRfVvGUxZAciOdX%2BXQwsAUrVQC%2FimHwtBDmiWk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbe16bc2727a-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        104192.168.2.449862104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC813OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178139 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178134.45.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oltc3Ui7cWsfE0BFrBnDRNyYzyjEX%2FbEHYd7Awei9n%2BQOHXIrWSm8JaUmWwvDEOo5s78RgfjuCtRKkJBPpodBYk6THaLS9yT4fBSsm4poFdwynezHaWoDYg2Dzw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbe1da044337-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        105192.168.2.449861216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178139063&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2436 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        106192.168.2.449863216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178132170&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=5&tfd=8383 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        107192.168.2.449866104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC942OUTGET /wp-content/themes/meminz/fonts/open-sans/opensans-bold-webfont.woff2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC761INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 19452
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                                        ETag: "103a4a-4bfc-50cdb39a46700"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 501
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTksTgvjejj3zOL4oyQH6lJWbRt2Ibri4gBPsKbmxXv42ZZHp3mKOyqu8CRsGOD%2Fq9Omx8VT6oS8h7SLFoDokad3bjOF3sJcuugm%2FgUqsuJOW5hVYFywRFa%2FWYA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbe39d8d72ab-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC608INData Raw: 77 4f 46 32 00 01 00 00 00 00 4b fc 00 13 00 00 00 00 b6 e8 00 00 4b 8e 00 01 19 9a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 1b 93 18 1c 81 28 06 60 00 83 5a 08 30 09 84 65 11 08 0a 82 b1 08 82 8f 3e 01 36 02 24 03 87 26 0b 83 56 00 04 20 05 88 56 07 85 65 0c 81 08 3f 77 65 62 66 06 1b f9 a2 35 78 f3 2c 29 b7 03 d2 8f eb 6d ce 28 10 36 0e 88 81 36 f3 99 88 60 e3 00 a0 59 1f 9f fd ff 67 24 27 32 c6 f6 02 b6 bc 5e 7b 81 99 64 27 65 08 cd 0f 8c 32 79 38 28 4c b4 e1 70 d4 59 90 2e b8 57 41 99 cf d1 3b bf 04 45 0d ac f1 cf c0 73 64 df be 33 0d 8b 29 99 12 ce 77 7e e5 fb 6d cf d9 98 e0 0b 36 d3 66 5a d6 a8 03 61 2a b0 7e 0a fb 28 63 cf a0 32 34 19 05 32 9c 2c 90 98 86 33 4f 28 bb b0 92 b5 42 47 46 26 1c 5c 60 b2 03 5f
                                                                                                                                                                                                                                        Data Ascii: wOF2KK?FFTM (`Z0e>6$&V Ve?webf5x,)m(66`Yg$'2^{d'e2y8(LpY.WA;Esd3)w~m6fZa*~(c242,3O(BGF&\`_
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 4f 6f 3e 38 75 90 6f e4 20 c7 88 e6 df a6 ba ea ec 28 4c 53 49 05 76 86 29 ed db 69 ec b4 dd ff 47 fe f7 75 32 e0 49 91 23 08 d9 0e c9 0e c9 2e dc 9d be 53 e9 74 4a 22 25 7e 4f 27 5b a5 89 60 2b 0b 42 64 a7 a4 a6 04 38 21 8d f4 76 c2 bd eb 48 53 5f a7 f2 50 3f 6d f6 1e 5d 22 ec ca 93 78 97 fc ab 9f a5 e8 0c 42 45 9e 8c a3 55 61 18 9c 29 55 22 f9 fb 74 56 d7 f7 24 c2 17 ee 09 f4 6c ea b0 39 1d 6e a6 c3 c6 c3 6d 4f a7 fe 41 92 15 31 fa 02 97 25 6c 0f 86 0e 18 da 53 20 dc c1 9e 20 70 58 ec 49 f6 a6 94 dd 4c cc b7 3d dd e7 38 3c d8 7e 8c a7 f9 bf 0d 44 3d cb ea cd b2 a2 6e bd d2 64 c8 f6 6c f3 42 08 12 44 72 a5 3d 5e 37 c3 d8 fc fe d0 b1 ed 45 ba 28 1d 2a 08 88 28 a8 58 71 3f ee c7 b4 fe 99 e4 b6 34 6f 6b 49 57 82 11 14 61 80 19 8a fe df f7 87 b3 7f b0 9d 68
                                                                                                                                                                                                                                        Data Ascii: Oo>8uo (LSIv)iGu2I#.StJ"%~O'[`+Bd8!vHS_P?m]"xBEUa)U"tV$l9nmOA1%lS pXIL=8<~D=ndlBDr=^7E(*(Xq?4okIWah
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: d1 c0 d5 35 91 7e 85 ab cf fe 7d 01 72 c9 17 8a c1 19 17 52 69 93 a4 59 5e 58 57 fa 50 d5 4d db f5 c3 38 cd cb ba 1d 8e a7 fd 7c b9 de ee 0f a5 98 98 9a 99 5b 58 5a 59 db d8 da d9 3b 38 3a 39 bb b8 ba b9 7b 78 7a a1 bd 31 3e 58 1c 9e e0 4b 24 91 29 7e fe 01 81 54 1a 9d c1 64 b1 83 82 43 80 b2 f2 ca ea e6 8e a3 fd 7d 03 43 83 c3 a3 c7 c7 4e 9c 3c 7d 6a fc cc d9 73 93 53 33 d3 0b f3 e7 2f b8 14 48 3e 1c 16 f5 f8 50 6f a2 f1 2a 3d 1a a8 78 1a 48 01 1c bb 06 d0 e3 e1 f4 6d 60 e4 a5 42 8e 0d 00 9c b9 f3 24 b4 a8 b4 7d 71 29 cd 86 23 df ff a4 cb af c0 cb 1f 96 d6 37 20 f3 cb 6d 28 79 bc b8 b6 aa be a1 b1 ae b5 0d 68 79 f6 48 37 b0 fc da 83 00 e0 26 87 b3 04 18 5e f8 e1 5f 98 3e df 53 56 ee d9 f3 a7 66 f1 06 2d 08 c1 7a 18 14 21 03 3e 28 e7 01 13 fb 93 c1 38 49
                                                                                                                                                                                                                                        Data Ascii: 5~}rRiY^XWPM8|[XZY;8:9{xz1>XK$)~TdC}CN<}jsS3/H>Po*=xHm`B$}q)#7 m(yhyH7&^_>SVf-z!>(8I
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: b1 c7 c9 84 4e ee 8d 56 d4 84 06 10 3e 56 9e c7 8e 18 a5 9b a2 ea 5d 49 00 dc d8 62 1f fa 9a 90 37 e0 f8 58 7f 18 59 6f cc 8f de 49 87 4d 24 bc 59 a9 c7 62 98 1d e5 a8 89 7d 2a af 62 77 64 89 e7 8a 33 63 19 97 8f a4 24 3f b0 69 23 64 02 c7 c6 3a 0d 28 01 9b 58 e5 37 ed 0b 5f 9e 64 6b 50 29 39 75 d5 e0 6e cf 15 07 96 d1 98 d2 b9 50 c8 c3 6a ce 45 96 73 d5 7c 32 e4 7c 25 77 af 4a a4 12 c1 a5 69 57 9f 51 87 b4 31 2d 31 93 f0 39 09 c5 12 c7 4a 91 38 79 79 be e7 23 d6 e6 1d 36 00 2a 27 0d 91 07 e3 86 b1 b1 32 c9 63 bd f5 06 e5 72 30 85 f3 16 79 e6 8a 59 e2 88 60 ed 19 fa 62 d3 8c f0 77 3a b9 a6 f8 1c 71 ca 64 17 32 9d 19 8e 9b 2a 65 8d 83 fa 26 55 06 44 cd eb ce 01 2f f1 72 5c 14 85 b2 c1 2e 15 b7 18 03 95 74 7d 9a 1e e9 8d 15 6d 7e 2f a8 57 82 e4 a5 72 c6 11
                                                                                                                                                                                                                                        Data Ascii: NV>V]Ib7XYoIM$Yb}*bwd3c$?i#d:(X7_dkP)9unPjEs|2|%wJiWQ1-19J8yy#6*'2cr0yY`bw:qd2*e&UD/r\.t}m~/Wr
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 31 ae 2f 42 63 62 62 5b a5 c0 ca ca 01 ad a8 8b 90 4c ab 6d 96 aa 06 d5 b5 b1 f1 6a 88 d4 96 74 6b b5 ca 29 b6 50 89 fa cc c4 58 83 7b d2 00 24 f6 6c 40 eb d3 aa c6 07 55 45 3f 0e 95 2b 82 39 82 35 bc 4e 93 15 82 28 08 56 93 00 1b 09 a9 0f ef 60 af 53 07 52 92 0f 1c e3 8f 55 01 0d d1 de 24 cc 58 51 af 70 61 cd dd d7 bc ef 02 f3 53 c9 5f 5e fc b4 3b aa 95 d7 82 70 f8 95 50 bb 5c 0f 67 80 0a 80 26 b2 e0 6a f9 10 29 05 44 c6 8a 7b aa b6 3a 0b d6 8f 0c f5 25 b7 19 1e 7b e3 89 5f a2 33 b1 26 92 36 e0 3e a9 1c e1 e4 c6 c8 fd 57 1c 66 e7 a8 e8 ba 22 a4 a7 f1 64 48 7e 23 be 80 09 49 f9 08 38 f2 68 4f 69 91 97 eb da ca fb c1 c1 72 2c 3f 9b a7 46 44 39 16 1a b6 8d 6d 67 2a c0 f2 fe a5 68 3c e2 f1 b0 99 60 35 8b 75 42 2e 5d 2e d5 ea 8c 55 99 34 5e 0d 79 75 0c 1d ce
                                                                                                                                                                                                                                        Data Ascii: 1/Bcbb[Lmjtk)PX{$l@UE?+95N(V`SRU$XQpaS_^;pP\g&j)D{:%{_3&6>Wf"dH~#I8hOir,?FD9mg*h<`5uB.].U4^yu
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: e6 25 e2 e9 7e 59 de a5 fd 11 e9 9b af 06 03 ac a6 6e df 7f 10 ce f9 4d d2 1a b4 25 9e be 08 ff f8 3e a1 eb 11 0e 7a d6 e7 89 33 a9 c8 93 59 2f ae 86 57 67 52 a2 ba f2 4b 22 0e 4a af cf 37 7a 06 6d 7c 72 f9 fc 93 74 fd f2 ef 4b a6 24 80 7e bc d9 bd fe 49 65 ee fe dd 75 73 49 df 0e 6d a9 8e 78 7e 8b 16 fe f3 98 ef c9 f5 ff 84 5e ed 2c ee cf 85 70 24 4c a5 c0 1e 3f 6a 0c 7f 69 14 61 99 25 99 e4 4d 56 8e ee 8e 96 55 c9 9f e1 9e e1 ec 01 4e 06 d5 f6 56 5f 09 b7 f0 c0 bc 72 14 bd 3d 15 78 5f bd 8e c2 4b 19 06 ee c0 91 cc e3 d5 bb d4 bf 65 28 75 e3 e0 bc 88 22 16 d2 04 e5 9b 22 01 06 af c1 43 52 03 6c b8 f4 1e 7b f8 bd 77 6a 93 a6 e0 7c 01 09 7e 99 96 4c 45 69 68 36 bf 38 2b 6d a4 0a 23 4b b9 f6 24 1a 21 ac 98 3e 29 03 b7 bf 4a 9b 47 e6 17 d7 c8 1d 67 a5 3f 89
                                                                                                                                                                                                                                        Data Ascii: %~YnM%>z3Y/WgRK"J7zm|rtK$~IeusImx~^,p$L?jia%MVUNV_r=x_Ke(u""CRl{wj|~LEih68+m#K$!>)JGg?
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 18 1b 9a 66 81 e5 21 86 55 7a 0c f8 5b 66 e1 70 58 e0 c7 a5 1d db d7 b6 0a ae de 8e 0e c4 04 b5 97 49 66 43 d3 43 33 b3 0a 89 9d 25 5a f8 37 62 ca fe a0 53 27 6a 82 3f eb 97 b2 bc 7a 07 c7 76 de c8 51 3f c4 17 03 87 06 69 97 3c c8 71 96 1f 60 db aa 82 3c d8 26 05 3b ca 25 2a ef e1 10 ac f2 80 88 5f a5 0c b1 48 c6 52 d4 5f 24 58 90 29 00 e7 43 1b ee 77 97 ee e8 4b 6a b0 71 fe 65 29 9f 11 82 4b 69 de 6f 90 59 76 11 6a f4 4d ce 23 0e 3d 46 2d c7 8e f1 21 ef 63 9e 16 9b 70 27 55 9e c4 9f 00 47 86 ab d0 6f a4 a2 95 5a 3e bb 9c da 3d d9 eb 8b 15 fd 1a eb 4a 3a 14 aa ca 91 d6 b7 9e 84 5d 7a fb de 6d e5 e7 29 e4 7b 23 e5 4b 5f f2 0a 03 c9 7c 4e 9d 97 73 f6 9e 87 82 7d 3c 3d f4 61 f3 2f 55 05 df ab 9d e1 d7 f7 c0 78 72 c0 2f f6 2e e7 74 d9 07 16 31 e2 57 6e 01 c5
                                                                                                                                                                                                                                        Data Ascii: f!Uz[fpXIfCC3%Z7bS'j?zvQ?i<q`<&;%*_HR_$X)CwKjqe)KioYvjM#=F-!cp'UGoZ>=J:]zm){#K_|Ns}<=a/Uxr/.t1Wn
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 14 2f b7 22 1b 1a fa 53 3d 16 d4 dc 92 65 e8 d2 3a 65 82 03 01 98 0a f4 e3 66 bb d2 c0 df 62 82 99 88 95 d6 c4 e8 e4 46 bc 72 88 29 a5 d8 b2 82 a4 f8 fa e2 88 d8 da e2 c4 c4 f2 7c c8 5d df 3f 5f 15 5d 96 0c bf 99 e8 51 0c 0d c9 7a 7a e4 1e e0 94 ef 53 6d ff cc 5d 85 ff 09 67 9a 03 51 cc 8f ad 0c 78 50 16 21 9f 31 35 5a b5 82 23 c6 ad 53 3e 3f 8a 33 fe 99 13 3a a4 00 93 e6 90 be d2 bb e1 87 fc a1 66 b3 a0 96 3e 8d 16 8b b4 8c b5 6e 36 c4 a6 1c c8 b0 0c 6e e4 5b c5 19 97 59 1b 99 2e be 41 60 48 df 77 15 e0 70 49 6a a1 0f 82 53 6a 02 56 42 dd 02 53 0d 01 a9 60 6f 6e 26 60 31 9a 11 e5 5f 25 77 46 f9 c6 3c ea 67 49 29 5e 7c fe ee e6 ce 9d fe f0 cf ff 3e 47 cc cf 3a 09 9e 32 a6 4e 1c c8 4d e2 92 01 4a 4d e6 63 40 63 c6 dd a7 2a 44 9f 08 ba 16 e5 ce ea 25 99 6f
                                                                                                                                                                                                                                        Data Ascii: /"S=e:efbFr)|]?_]QzzSm]gQxP!15Z#S>?3:f>n6n[Y.A`HwpIjSjVBS`on&`1_%wF<gI)^|>G:2NMJMc@c*D%o
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: eb a1 9c a1 e6 9a 75 a4 46 ba b4 79 bc 4f dc 58 94 33 41 36 fb 2a 5c 5f 6c 03 a4 d8 9d f9 6e cf af f3 a1 09 04 53 6d b5 68 5d 75 18 71 e8 b6 bf fd f3 d8 df d1 bf bb b7 47 3a 20 87 e0 27 45 eb 06 44 11 90 f8 be 05 60 47 c4 a0 bd 6c 9f e8 11 6c ed 3c 86 16 52 b7 51 71 e6 12 79 0c e9 58 46 93 fc 75 37 62 5c 4e cf f9 d4 1a 51 12 d3 99 45 e0 bb 27 05 08 20 87 09 04 54 fa b3 d9 19 38 6c db e1 5f 79 0c 16 37 67 00 a2 8a 70 3b a3 76 fe ff 15 8d e0 ed 60 aa 90 8b 38 39 54 52 f4 51 79 4a 02 ab 14 3b f1 d2 f7 21 7d cd 56 8c 15 06 4f 9c 04 cb 9f 90 1b 70 8d c8 24 30 9d 25 b8 2a 39 a0 94 25 99 fc f2 1a 0c b0 1d 88 92 85 b9 44 f8 89 db 67 ad 9c 91 e0 ba d8 49 16 d0 2e 06 a8 84 93 d7 40 b8 04 b4 e0 37 20 d2 90 4f ff 5a cc 32 37 b5 bb c8 26 40 c5 ce cd 70 55 ef c2 36 ce
                                                                                                                                                                                                                                        Data Ascii: uFyOX3A6*\_lnSmh]uqG: 'ED`Gll<RQqyXFu7b\NQE' T8l_y7gp;v`89TRQyJ;!}VOp$0%*9%DgI.@7 OZ27&@pU6
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 6a d6 0f cf dd 77 89 6a 04 ae fc 06 4f 2f 24 47 3d b2 3e a3 92 ac 1f d0 99 70 73 bf 11 28 68 b3 01 86 b1 60 3a 7f 38 27 a5 44 0a 88 a2 bb f8 58 a8 27 0a 20 6e cb 30 21 c8 75 4a 54 84 c8 44 8b 4a 57 f5 b2 2b b4 54 08 f8 86 a3 e5 c2 7c de 56 10 94 4a 9d 48 ea 5b 81 95 4a d4 52 2e bb 55 e6 36 f6 cc fc c5 84 18 c3 bc 32 39 50 69 ac 80 f3 8e c6 28 3c 73 ec d0 35 ec 27 88 8d 47 87 7e 40 e5 be 76 d0 77 4a 90 08 24 83 bd 04 5a 04 8d 5d 00 55 a6 97 36 bb f6 79 33 21 d1 89 6f 12 ee 89 03 68 33 8e 9c ac 96 9a 37 c6 3e d8 47 89 00 85 c3 f2 b2 f1 ee 79 c5 3c 9f 2a 40 d6 15 b3 0b dc c4 05 f1 f9 14 33 0a cb 88 12 b7 00 23 ce b2 d2 0f 3e 44 80 d8 39 cb cb fb a6 d0 72 a5 36 0b d2 13 09 c5 38 e7 b5 0b e9 48 d2 bc 46 4b 7b 8e c2 72 01 ae 87 e4 80 d9 c0 ff e1 32 45 8c 09 10
                                                                                                                                                                                                                                        Data Ascii: jwjO/$G=>ps(h`:8'DX' n0!uJTDJW+T|VJH[JR.U629Pi(<s5'G~@vwJ$Z]U6y3!oh37>Gy<*@3#>D9r68HFK{r2E


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        108192.168.2.449867104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC943OUTGET /wp-content/themes/meminz/fonts/open-sans/opensans-light-webfont.woff2 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: font
                                                                                                                                                                                                                                        Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20231028
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC757INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: font/woff2
                                                                                                                                                                                                                                        Content-Length: 18184
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                                        ETag: "103a51-4708-50cdb39a46700"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: HIT
                                                                                                                                                                                                                                        Age: 501
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLgDEyNL%2BrTz6fGHvIv3FlxsiOPm7fbVIDTJVeCMmdtZnuRyrImjjWkL3g6DDCAP92Z9l6sTYLpTvv4WSsGCR58q2ILUxUPQQCCbyqRwSnjciuoS4x05vwcQU88%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbe39f395e72-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC612INData Raw: 77 4f 46 32 00 01 00 00 00 00 47 08 00 13 00 00 00 00 ad e8 00 00 46 9a 00 01 19 9a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 1b 93 18 1c 81 28 06 60 00 83 5a 08 38 09 84 65 11 10 0a 82 9c 74 81 fb 3b 01 36 02 24 03 87 26 0b 83 56 00 04 20 05 89 32 07 85 65 0c 82 2f 3f 77 65 62 66 06 1b 09 9a 07 f0 e6 99 b4 72 3b 40 e7 e7 6f 9f 67 32 8e 4d 80 ee 70 2d c9 e9 88 8f 44 e4 76 42 20 95 bc 7b f6 ff 7f 46 82 8c 31 b6 3d 7a 0f 00 2a 65 19 01 46 84 32 6b 8d 52 34 2c ad 8f d9 d4 26 96 03 4b 61 08 21 44 50 b5 da 65 cd 6a 71 25 84 10 65 7c c7 cf d2 f6 ad 8a 3e d6 2c 45 48 61 1e f7 ec 65 5f 11 76 c2 4a 71 e3 d0 fe 7a ab df 45 41 1a f1 8f 2e 9e 80 a3 df 13 cf 41 77 7c 38 97 5a 90 25 70 f0 5a cc 3b c5 b6 6b 6f eb d6 6b 5a d7 d0
                                                                                                                                                                                                                                        Data Ascii: wOF2GF?FFTM (`Z8et;6$&V 2e/?webfr;@og2Mp-DvB {F1=z*eF2kR4,&Ka!DPejq%e|>,EHae_vJqzEA.Aw|8Z%pZ;kokZ
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: bd bf 0b f7 ff 53 d5 6a ff 07 44 69 20 d9 1b b2 d7 97 52 bd 57 34 94 6c 5f 2a b7 ab 38 33 00 e8 c1 10 a4 80 01 25 03 90 b4 0a b6 d7 24 65 af 49 ca de a3 64 ef 41 94 74 0a 9b b4 29 c4 4a c9 61 e5 4b b2 ef aa 98 aa 54 34 bb d7 85 58 76 7e 5b b7 47 f0 35 7d a5 5e a7 32 25 00 de 4c 2e 05 1a d0 50 24 9d eb fd 97 d6 34 e6 0d 7e 28 e6 56 59 50 26 8c 94 52 01 64 19 d8 df 5b a5 eb da 1a f8 42 1b 54 17 17 da 42 b4 f4 f0 a1 a7 f1 e2 65 f8 fd 7f d2 40 a6 13 93 10 99 2f ab 57 b5 0b e5 fc 72 bf 1c 5f 21 4c 9d 0d 6d 0a 88 8a 34 6d 36 2f 78 bf 40 c2 9c d1 55 e7 bb 7d 96 2f 5e 6b 83 0c b2 b8 a5 79 12 24 48 08 b9 52 ff 9b 89 6d 72 c1 2c 58 ca 3a 71 7d 6d 7e 3f b5 47 46 63 d2 6e 9b 98 6c 51 90 b1 15 09 38 ae 9f 77 88 53 7b b5 69 d9 cb 97 70 5b 50 a6 58 46 01 9d c8 79 fc a1
                                                                                                                                                                                                                                        Data Ascii: SjDi RW4l_*83%$eIdAt)JaKT4Xv~[G5}^2%L.P$4~(VYP&Rd[BTBe@/Wr_!Lm4m6/x@U}/^ky$HRmr,X:q}m~?GFcnlQ8wS{ip[PXFy
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: df 08 bd 90 d5 18 0f 51 31 38 3a 20 da a7 f0 9a 7b ff 5c 64 f5 61 9c 82 79 3e 0a 70 48 22 1f 5a ed 4e b7 d7 1f 0c 47 e3 c9 74 36 5f 2c 57 eb cd 76 b7 bf b9 bd bb 7f f6 fc c5 cb 57 87 e3 3b 22 58 59 db d8 da d9 9f 72 80 39 c2 9d 9c 5d 5c 11 6e ee 1e 9e 5e de 3e be 7e 48 ff 80 40 14 1a 83 c5 05 e1 09 c1 21 c4 50 52 18 99 02 14 16 95 94 d5 35 77 f6 f5 f6 0f 0e 0c 8d 8c 8d 8e 4f 9c b6 cd e4 d4 f4 ec fc 1c 7f 71 61 75 65 6d 1d 88 3f 2d 82 f9 e0 fc 91 58 d6 f3 d3 73 80 e2 7b 81 04 c0 99 57 02 f1 7a 38 ef 3a 60 f8 b9 1c 2a 07 00 38 ff fa 87 3b a0 b9 05 4d db 3b b7 6e df 3f b8 73 77 09 d8 3a 03 3c 7b fc e4 e5 2b 20 e5 de 21 90 5f 9e 57 51 5a 55 5d 53 d9 d0 08 d4 b7 77 b4 01 67 cf c5 81 03 5c c3 e0 81 07 db 82 84 81 43 42 15 c7 0e 5d 0e 67 5e df 47 16 96 8e 25 86
                                                                                                                                                                                                                                        Data Ascii: Q18: {\day>pH"ZNGt6_,WvW;"XYr9]\n^>~H@!PR5wOqauem?-Xs{Wz8:`*8;M;n?sw:<{+ !_WQZU]Swg\CB]g^G%
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 83 af b3 b9 82 02 4b 7d ee 01 a8 5f 96 4c fe 9b 98 ac 69 66 62 aa 6a cc 7c 52 58 c1 26 7f c2 ed 6b d0 9f 3f 11 57 16 98 3b 2c 8e aa b6 2b 88 a8 cf 44 cc cc 15 6b 72 46 67 a3 75 26 7b f9 a9 b4 ce 65 c1 a6 09 1c 4d 1a 79 e2 32 05 61 6d 9a 61 23 b1 19 f1 32 9c 34 3b 6b 4a 77 d4 c2 d7 a2 97 d3 62 78 2b 63 17 7c 82 7a 84 1f d4 b4 29 d6 8c 9d cf 3a 67 fd 6b 02 75 68 93 1c e8 c7 8a c7 8b f5 ed 1e 59 6d 9f 57 28 ec 73 a5 20 b1 fd bb f1 5c d6 67 38 f3 a7 a2 3e 35 e0 49 ea 7b 36 da ab ef 89 25 5a be 45 0c d7 7f e2 a4 3b 0e 59 a3 f5 2c 49 ed d0 ef 0a 7d 43 fa 20 b4 b4 8a b0 e0 27 39 67 bb b5 db e0 85 24 34 99 6a 94 47 da 82 1d d7 3a 93 71 ce b0 76 32 a8 88 e2 e9 97 91 fb ae be 53 96 68 c1 d9 f4 b9 65 3a 84 1b eb bc b6 c1 ab 62 c5 6a 0d 85 d6 26 94 32 9a 1d 9e 9b c9
                                                                                                                                                                                                                                        Data Ascii: K}_Lifbj|RX&k?W;,+DkrFgu&{eMy2ama#24;kJwbx+c|z):gkuhYmW(s \g8>5I{6%ZE;Y,I}C '9g$4jG:qv2She:bj&2
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 0b 7b e1 b3 6e 28 e0 9a 09 47 f8 73 48 0c 70 20 6a 3d 97 3d 18 d0 45 79 c6 29 76 28 c8 40 34 1e aa 21 c2 d2 ee 42 ed 14 57 1f a0 f9 bb a6 4a 4f 4b b5 82 42 e1 26 e0 6e 92 b9 68 d6 28 c3 2f e0 47 c8 43 67 d8 c5 a2 12 22 87 4c 40 f7 f2 83 bb 8b 4a b6 eb 1c 93 06 1b 40 a6 bf 1f d6 52 9e ae 38 a1 58 d1 14 cd 90 8c 70 fc c2 e9 df e9 96 0f fc f1 ad 47 bd fd 5c a6 4e 28 32 39 3b 70 b9 90 94 f9 5f 40 00 42 58 68 3e fe 03 d7 e6 bd 66 e3 3e bf f0 00 54 78 38 2a 00 14 b1 9b 04 ba 09 83 e1 45 b0 fc 2c a8 24 4c 57 72 df 1b 7b eb 6d 7f 03 9f 0a bd 00 1b ec d9 10 fc 59 76 d0 59 5c 1e ac 1e 60 d4 59 dc c4 df 09 bb 1d 1c b4 1d 49 ce 78 da 5b 11 48 96 5f 05 eb 0f a6 6f 89 e1 7d fc aa 19 e1 57 b5 41 59 10 3c 09 97 be 3a dc 25 bb 19 b8 7e 46 a4 c5 11 4a 28 87 4d 89 be bc e9
                                                                                                                                                                                                                                        Data Ascii: {n(GsHp j==Ey)v(@4!BWJOKB&nh(/GCg"L@J@R8XpG\N(29;p_@BXh>f>Tx8*E,$LWr{mYvY\`YIx[H_o}WAY<:%~FJ(M
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: ab 23 b6 30 41 1a a4 25 bd 5a 52 6d c2 12 c9 e3 ba 97 9a a4 95 e8 fa b0 fa 0a a7 ec bb 8f f8 78 cc ca 83 4f 6b 41 ba 21 45 bf 2f 6b a2 68 26 de ce be b6 bb e5 b6 02 b3 64 d5 b6 1b 04 d1 e0 d8 c2 64 fc 14 7a 09 ae 84 51 a4 31 ae e0 ae c0 ef 6c a9 08 58 f8 ed 27 eb f1 b7 08 d0 37 df d2 e2 70 c4 51 23 f8 50 be f5 f4 38 60 73 71 4c 9d 04 df 8c e3 b2 82 db 63 78 53 fc 30 dc 12 d9 e8 94 4e 68 04 04 92 bb b6 b2 1b 00 86 2b 9e 26 a2 65 85 70 d6 92 77 17 11 4e cb f5 c4 61 96 b6 96 97 82 88 cc f6 2e 53 eb 7b 6d 7d 42 46 44 fc 55 e2 1c 32 fb 61 28 a9 da d4 9c 50 1b 4a 0c a9 37 37 33 07 c0 09 b1 57 c4 41 44 14 d0 30 07 85 00 88 90 0a 1a 41 f8 5a c4 fa 6f 6a 3c 11 79 4a 9c bb f8 f5 a0 77 61 e4 4a ef fd bf 5d 5e bc 75 7e 36 8f d2 ca 37 64 50 d9 0b a4 41 2e e2 bb c7 89
                                                                                                                                                                                                                                        Data Ascii: #0A%ZRmxOkA!E/kh&ddzQ1lX'7pQ#P8`sqLcxS0Nh+&epwNa.S{m}BFDU2a(PJ773WAD0AZoj<yJwaJ]^u~67dPA.
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: c2 a3 26 78 0e 6f 64 d8 10 fb 37 2a be 8f 1a 83 6f d6 7b bc 95 f4 81 08 3b 79 a8 0c c4 d0 64 b8 f0 c8 0f b7 15 bc 8e 57 42 e4 bc 0c ab ff ba 19 fe 47 f4 ab c4 38 55 32 de f5 a2 d3 45 36 57 b2 ca 38 01 fb 3c e8 b9 0e 9c fe 82 12 a9 a4 4a 81 e8 65 93 fe bc 08 a1 1f e3 7e b2 6f f1 67 45 59 f9 da b9 c9 e1 ba 5c 2d fc 4c 1c 69 a8 fb 53 66 28 b8 2e 7a 18 87 bf 23 6b 55 37 5c 86 37 76 90 0c 48 01 b1 28 54 92 01 43 28 b8 44 30 8d 19 69 96 1b 94 45 91 13 21 cb e2 33 d3 5c e8 89 b4 4a 81 90 9d fe 86 f6 c0 3d fc cf ef 40 90 25 e6 17 51 f4 78 5d 0e 4a a6 31 5c d2 f0 99 64 59 b4 9d cf ca 33 63 a4 46 95 0a 06 4f 2e b5 36 92 68 d1 e4 64 50 c0 0b f0 5e 60 5b 7f e3 0e 9e 13 4b 62 b1 33 60 2c 15 9a 41 86 1d c9 36 ca e1 11 f9 73 2c dc 8b db e2 91 66 4b 31 e3 39 58 89 51 ff
                                                                                                                                                                                                                                        Data Ascii: &xod7*o{;ydWBG8U2E6W8<Je~ogEY\-LiSf(.z#kU7\7vH(TC(D0iE!3\J=@%Qx]J1\dY3cFO.6hdP^`[Kb3`,A6s,fK19XQ
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 62 40 f2 da 10 2b 06 d6 a8 b6 6d 70 74 cf 6d 10 06 83 0d fe 5a 6e c4 d1 3b 16 f6 13 a3 13 e2 65 46 82 e9 06 bf 66 45 00 52 5e a0 58 e3 fa 28 3d a0 28 2b 42 62 90 f9 9b 20 c1 db 8b 22 ae c6 03 a4 ee 19 ab 30 91 34 18 e1 73 b1 9f f8 46 52 23 c3 ca 62 5b e8 cb 78 81 58 68 8b 61 48 51 7d 89 de c0 cd 19 ac c9 f5 43 03 af 59 f9 29 d7 35 0d dc 8d dd 5d 85 26 9a 30 83 19 74 b8 d7 29 85 b9 51 25 4d 4d cd 4d 2d 4d 8d 0d e2 dd d8 54 c6 17 d7 37 01 98 04 be ee 4a 66 35 79 9c e2 34 af ef b3 30 f6 f1 7d 67 12 36 c9 cb 9e 90 b9 72 9e c3 b1 2d 1d 35 b6 14 cb 8f b8 38 d7 5c 12 3b e4 7c e6 5e 31 ce a7 fa 80 61 1b 8b 68 29 77 02 89 c1 9c da 06 ad 3a af 45 d8 7a 21 02 92 2f b4 c8 59 af 8d 71 64 ac f8 07 df 7a 98 69 89 06 27 fc 5f b6 9b f9 f0 0b 10 01 8c 75 73 98 f1 9f 4e bc
                                                                                                                                                                                                                                        Data Ascii: b@+mptmZn;eFfER^X(=(+Bb "04sFR#b[xXhaHQ}CY)5]&0t)Q%MMM-MT7Jf5y40}g6r-58\;|^1ah)w:Ez!/Yqdzi'_usN
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: eb 97 8a 62 8b 1c 86 b4 76 e5 1d 6b da 18 b1 68 14 b8 11 c4 62 2a 0c 4a bf 14 8f 12 22 1d 04 db f6 76 67 b4 0c 5a b4 e0 4e ca 56 4b 1f 4e 6f 7e fc ff db 1c df 9d d7 17 fc f1 db 7b 0d 5e 60 62 a7 a7 4d 24 df 6b 92 72 18 4a fa d8 58 42 77 be d9 5d 40 7b 9e 5f 2f 55 4a 0b bd d1 2a ab d7 7b 4a a0 0f 94 5d 7e 66 d1 ba d0 96 3d 69 85 a5 ad cb b5 7d 35 16 1a fa d5 3b 80 fd 9f fb 42 cf bf 22 fd 9a ac b9 ae 56 ac b9 c2 0d 2e 62 2b 6b 9e b1 aa ab 2b eb 58 89 30 70 ed b1 90 18 be d7 ca 05 4b 6f d9 e6 a2 2d b2 d4 32 0e 0f 07 b3 81 05 16 0b 65 7f 06 ad c0 5d 8b a1 14 5e 15 35 1f 7c 20 53 f7 1b fc 76 46 e4 54 a5 13 1d a6 fe fa f9 ba 17 15 93 1a 9f 20 bd 5a 31 ed f6 eb a6 b8 19 3a 74 ad 80 df e5 a9 86 e9 e5 b8 96 84 3e 77 ac ee b0 8a ce ab 3f 8e 8f a3 22 87 34 7d 86 2e
                                                                                                                                                                                                                                        Data Ascii: bvkhb*J"vgZNVKNo~{^`bM$krJXBw]@{_/UJ*{J]~f=i}5;B"V.b+k+X0pKo-2e]^5| SvFT Z1:t>w?"4}.
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1369INData Raw: 58 07 ec b5 4d 22 18 34 52 40 49 ec e9 88 74 c2 f9 27 4f 7e 0f 03 c6 de 6d 29 c8 20 6f 0b 57 05 1b 13 10 8b 51 4a 3e 1c 15 7f 33 d6 39 29 24 8b 66 3c 63 cf d6 3a 45 f9 a0 d8 84 64 cc 25 6b 7e 4a 25 2c 30 d1 4f 33 98 4a df 14 a5 d9 a1 d2 23 8c 10 51 12 4d d8 04 51 69 5a 92 04 1b df f6 e8 24 78 01 12 a3 25 0b 00 6b 92 91 36 6c 47 39 17 86 47 21 76 8f 5e 68 64 d3 32 a2 69 63 65 23 d2 e8 ca 53 c2 4b a1 6a 39 f2 68 41 9c 18 c3 6e 6a 60 f0 d6 20 98 86 f1 14 c8 51 4d 29 6a 90 5e 0e 5c 91 9e 2a 09 c6 14 13 ce ad 4d e5 d3 76 8d 47 f7 d9 e1 e6 39 2e a4 85 07 10 72 5e b7 9c 08 f0 0c 30 7a 36 7c 80 58 c1 34 47 00 0b 42 bf b6 82 36 bf 6f f9 42 9a 91 c1 0c 1e 87 dc 60 79 b2 c9 78 22 f2 50 7d 82 a9 76 26 2b f5 aa b5 21 72 8e af 01 bc 18 d9 6b 5b 4a 34 b6 39 fc ea 94 94
                                                                                                                                                                                                                                        Data Ascii: XM"4R@It'O~m) oWQJ>39)$f<c:Ed%k~J%,0O3J#QMQiZ$x%k6lG9G!v^hd2ice#SKj9hAnj` QM)j^\*MvG9.r^0z6|X4GB6oB`yx"P}v&+!rk[J49


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        109192.168.2.449868216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178139063&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=2744 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        110192.168.2.449869216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178139063&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        111192.168.2.44986444.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 796
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:40 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178140984567
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178140984352
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        112192.168.2.449870192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC691OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2815&rand=0.33463708251087443 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        113192.168.2.44986544.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:40 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:40 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        114192.168.2.449871104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:41 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BcM5Fqc%2B1JHfmv1LXuc89NXZPsZEKfQtTwVkZDfIO7f%2FaRxtFfu7BfyIs3mIlLw8qbgeLJHtXGlTG8Y3eI67KQXuPzfnJTf5la8SIRaO8%2FvtjYtiWWDZw4K2Fw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabbe69efa7d14-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        115192.168.2.449873192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC461OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2815&rand=0.33463708251087443 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:41 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        116192.168.2.449875198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC334OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC4515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:41 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        Set-Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; domain=stripe.com; path=/; expires=Fri, 26 Jul 2024 00:35:41 GMT; secure; SameSite=Lax
                                                                                                                                                                                                                                        Set-Cookie: __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC11869INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC16384INData Raw: 72 41 6c 6c 28 22 6c 69 6e 6b 5b 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 5d 22 29 29 22 61 6c 6c 22 21 3d 3d 65 2e 6d 65 64 69 61 26 26 28 65 2e 6d 65 64 69 61 3d 22 61 6c 6c 22 29 7d 29 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 22 3e 0a 3c 73 74 79 6c 65 3e 2e 48 6f 6d 65 70 61 67 65 4c 6f 67 6f 47 72 69 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74
                                                                                                                                                                                                                                        Data Ascii: rAll("link[data-js-lazy-style]"))"all"!==e.media&&(e.media="all")});</script> <link rel="preconnect" href="https://b.stripecdn.com" crossorigin><link rel="dns-prefetch" href="https://b.stripecdn.com"><style>.HomepageLogoGrid .Section__layout{--sect
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC16384INData Raw: 69 67 68 74 29 2f 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 30 30 70 78 29 7b 2e 4d 6f 62 69 6c 65 4d 65 6e 75 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 3a 72 65 64 75 63 65 64 29 7b 2e 4d 6f 62 69 6c 65 4d 65 6e 75 7b 2d 2d 74 72 61 6e 73 69 74 69 6f 6e 44 75 72 61 74 69 6f 6e 3a 31 6d 73 7d 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 73 74 69 63 6b 79 3b 74 6f 70 3a 30 3b 70 61 64 64 69 6e 67 3a 31 36 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ight)/auto;padding:var(--siteMobileMenuPadding);z-index:2}@media (min-width:900px){.MobileMenu{display:none}}@media (prefers-reduced-motion:reduced){.MobileMenu{--transitionDuration:1ms}}.MobileMenu__header{position:sticky;top:0;padding:16px;height:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC16384INData Raw: 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 6c 61 74 65 58 29 29 20 72 6f 74 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 52 6f 74 61 74 65 58 29 29 3b 74 72 61 6e 73 66 6f 72 6d 2d 6f 72 69 67 69 6e 3a 35 30 25 20 2d 35 30 70 78 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 2c 77 69 64 74 68 2c 68 65 69 67 68 74 3b 77 69 6c 6c 2d 63 68 61 6e 67 65 3a 74 72 61 6e 73 66 6f 72 6d 2c 77 69 64 74 68 2c 68 65 69 67 68 74 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 4d 65 6e 75 5b 68 69 64 64 65 6e 5d 7b 2d 2d 73 69 74 65 4d 65 6e 75 52 6f 74 61 74 65
                                                                                                                                                                                                                                        Data Ascii: ranslateX(var(--siteMenuTranslateX)) rotateX(var(--siteMenuRotateX));transform-origin:50% -50px;transition:var(--siteMenuTransition);transition-property:transform,width,height;will-change:transform,width,height;z-index:2}.SiteMenu[hidden]{--siteMenuRotate
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC16384INData Raw: 77 47 61 70 29 7d 2e 43 6f 70 79 5f 5f 63 61 70 74 69 6f 6e 7b 66 6f 6e 74 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 46 6f 6e 74 29 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 29 7d 68 74 6d 6c 5b 6c 61 6e 67 5e 3d 6a 61 5d 20 2e 43 6f 70 79 5f 5f 63 61 70 74 69 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 76 61 72 69 61 74 69 6f 6e 2d 73 65 74 74 69 6e 67 73 3a 22 77 67 68 74 22 20 35 30 30 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6f 6e 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 29 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 74 69 74 6c 65 43 6f 6c 6f 72 29 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 76 61 72 28 2d 2d 74 69 74 6c 65 4c
                                                                                                                                                                                                                                        Data Ascii: wGap)}.Copy__caption{font:var(--captionFont);color:var(--accentColor)}html[lang^=ja] .Copy__caption{font-weight:600;font-variation-settings:"wght" 500}.Copy__title{position:relative;font:var(--titleFont);color:var(--titleColor);letter-spacing:var(--titleL
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 63 6b 6f 75 74 50 68 6f 6e 65 50 61 79 42 75 74 74 6f 6e 43 6f 6c 6f 72 3a 23 30 61 32 35 34 30 7d 68 74 6d 6c 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 76 61 72 28 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 43 6f 6e 74 61 69 6e 65 72 50 61 64 64 69 6e 67 56 65 72 74 69 63 61 6c 29 20 76 61 72 28 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 43 6f 6e 74 61 69 6e 65 72 50 61 64 64 69 6e 67 48 6f 72 69 7a 6f 6e 74 61 6c 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 38 70 78 3b 62 61 63
                                                                                                                                                                                                                                        Data Ascii: ckoutPhonePayButtonColor:#0a2540}html[lang*=ja] .CheckoutPhoneGraphic{--checkoutPhoneFontSize:10px}.CheckoutPhoneGraphic{height:100%;padding:var(--checkoutPhoneContainerPaddingVertical) var(--checkoutPhoneContainerPaddingHorizontal);border-radius:28px;bac
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 6e 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 66 39 36 35 66 64 66 34 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 6f 68 6e 65 2d 76 61 72 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73
                                                                                                                                                                                                                                        Data Ascii: n}</style> <link rel="preload" href="https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2" as="font" crossorigin> <style>@media (min-width:600px){@font-face{font-family:sohne-var;src:url(https://b.stripecdn.com/mkt-statics
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 72 3a 23 30 30 38 34 33 31 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 64 39 32 34 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 66 66 66 35 61 64 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 66 66 64 38 34 38 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 47 72 65 65 6e 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 47 72 65 65 6e 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61
                                                                                                                                                                                                                                        Data Ascii: r:#008431}.flavor--LemonLime.theme--Dark,.flavor--LemonLime .theme--Dark{--blendBackground:#00d924;--blendIntersection:#fff5ad;--blendForeground:#ffd848}.flavor--LemonLime.accent--Green,.flavor--LemonLime .accent--Green{--accentColor:#15be53;--complimenta
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 74 2d 64 34 63 36 61 64 30 36 63 31 37 33 61 37 64 63 61 32 65 64 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 6f 70 79 54 69 74 6c 65 2d 63 36 34 31 65 30 31 34 62 33 39 34 36 36 32 38 62 63 39 35 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                        Data Ascii: t-d4c6ad06c173a7dca2ed.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CopyTitle-c641e014b3946628bc95.css" media="print" data-js-lazy-style>
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 68 65 63 6b 6f 75 74 46 6f 72 6d 47 72 61 70 68 69 63 2d 62 32 35 30 39 64 38 32 31 36 35 31 63 62 63 38 32 37 30 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 2d 33 64 37 30 34 64 66 61 64 35 66 66 38 31 64 30 65 38 30 62 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68
                                                                                                                                                                                                                                        Data Ascii: stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CheckoutFormGraphic-b2509d821651cbc82709.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css"><link rel="stylesh


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        117192.168.2.44987444.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:41 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        118192.168.2.44987244.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3376
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC3376OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 79 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNyUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQlMjI
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:42 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:42 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178142093987
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178142093489
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 37 37 39 31 62 30 38 35 2d 39 33 33 38 2d 34 63 32 35 2d 39 66 66 39 2d 35 38 65 33 38 30 30 63 38 33 31 63 30 30 35 36 38 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 35 37 37 62 36 35 38 64 2d 37 32 32 66 2d 34 36 39 30 2d 39 33 39 36 2d 31 33 64 61 38 34 33 63 39 62 31 39 39 34 37 39 33 37 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"7791b085-9338-4c25-9ff9-58e3800c831c005683","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"577b658d-722f-4690-9396-13da843c9b19947937"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        119192.168.2.449877198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:41 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:42 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:42 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        120192.168.2.44987644.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:44 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:44 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:44 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:44 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        121192.168.2.449879198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:45 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        122192.168.2.44987844.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:45 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        123192.168.2.449880216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178139063&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=7758 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:45 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        124192.168.2.449882198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:45 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:46 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        125192.168.2.449884104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1033INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:46 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJyEj7UL8CAjs6JwpClm9jQw16dVxmLw5XiAFcPm%2B7HVbNhY1HaO6lVm2MiAyjpLQHN1mJkf6de80uSG%2BLGV7yN84UWTBzpiQnGbPjrG69xc1oqT5kXLiqICS6s%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc06b94643d0-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC336INData Raw: 37 62 61 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7bab<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f
                                                                                                                                                                                                                                        Data Ascii: " content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" co
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d
                                                                                                                                                                                                                                        Data Ascii: === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? M
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d
                                                                                                                                                                                                                                        Data Ascii: ghtsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {param
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: /developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: entAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09
                                                                                                                                                                                                                                        Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72
                                                                                                                                                                                                                                        Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (par
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC1369INData Raw: 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75
                                                                                                                                                                                                                                        Data Ascii: function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        126192.168.2.44988144.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:46 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        127192.168.2.449886198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:46 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        128192.168.2.44988544.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:46 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:47 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:47 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        129192.168.2.449883104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:48 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:48 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wWatsf1r7zTVD1UnZhiesAiqHnJ1%2FZdJtvVZciP3G1IcaMCBtDPLgUxi02qR3iFfqWIl0CVZbeVGs7lJBPpI56Guz2chF%2FO8Y%2FPpbShuf9K4ueCFhta%2FVhlebQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc130a468cc5-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                                        Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                                        Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                                        Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        130192.168.2.449888198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:48 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        131192.168.2.449890104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178147.32.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9Rq0FNy3GFaiyQHKBi9%2BPMpLheGyg4gJyPY5XJJlDJF72IfajoLpeTlRkj7tkCVvdGNGZrthlKCE3uKR1K9HnVFU9K2fyRffIDWqTRDiO5%2FQ25IT4zI3INcrtc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc186dbd17a9-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        132192.168.2.449889216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178147267&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2866 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        133192.168.2.449887104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178146 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178139.40.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC745INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcBwYk6gDRuqYKGqTiT0Dckj2WeiX9RGcLf9RQkIUQ%2BW7WqeB9slUbkePIDmXzSKWgUuxW2IwVvthfKBGCMYR1oWueTyE2Rgu6mXXLcOQ7qh%2BiEVqh%2B8bJMK%2F7Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc18ec81c404-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        134192.168.2.449891216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178147267&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=2906 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        135192.168.2.449892216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC1691OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178147267&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:49 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        136192.168.2.449895104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178148.31.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:50 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Mnmo5ErIYxdXMPKlIFf8%2FXLfA2DucPbpkkdLDlVh5eOAdaqa17YzkA0xoDjUjpkH0dI4XiD54QjpWC3h8ASvNihmrh5BGnDF%2BdDPe3Kp%2FAm4AAM6rZwYbRekmo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc1d2f0f7d18-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        137192.168.2.449893192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:49 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:50 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        138192.168.2.44989444.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3500
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC3500OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 69 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNiUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQlMjI
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:50 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:50 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178150287679
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178150286905
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        139192.168.2.449896192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2995&rand=0.5630717407710482 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:50 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:50 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        140192.168.2.44989744.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:52 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:35:52 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:52 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:52 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        141192.168.2.449898104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:52 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178148.31.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:53 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A77EqGu57sLoCYM71LRYzURVjthv5Jj29liaAExd9pTks3DT0ysQhL1J3L0FHIwwhk%2FHrrpIPkK2oPC8pEVLojOjxr1ekgESfc%2FdH1VZmCmaL%2F%2B9kABm12XIAqc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc2f780a7d05-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        142192.168.2.449901198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:53 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        143192.168.2.44990040.68.123.157443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+79UPCBWOyUrAT4&MD=aNBF4HwC HTTP/1.1
                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                        Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                        Expires: -1
                                                                                                                                                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                        ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                                                                                                                                                                        MS-CorrelationId: e6ace2e8-17f9-4263-84a3-895fafefb646
                                                                                                                                                                                                                                        MS-RequestId: 0a16debe-c5fd-48af-beea-4f04ebbdec6b
                                                                                                                                                                                                                                        MS-CV: IpRdK4j8Z0efk425.0
                                                                                                                                                                                                                                        X-Microsoft-SLSClientCache: 2160
                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:53 GMT
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Length: 25457
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                                                                                                                                                                                                                                        Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                                                                                                                                                                                                                                        Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        144192.168.2.449899104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:53 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:35:54 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjQ%2F%2Be4poA7%2BU07VjidNweKh0FRAURKJuD4iv2V3tYX9%2FqEkH8wsi%2B%2FVP1IFuRnFtS013WOWN7rtULIzhs3iDvvMBXo9MStkHZsu8FJRwcNl5ICNom5kGCUv9Y0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc36497e0f90-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC541INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1369INData Raw: 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20
                                                                                                                                                                                                                                        Data Ascii: avbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1369INData Raw: 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a
                                                                                                                                                                                                                                        Data Ascii: et #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC592INData Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61
                                                                                                                                                                                                                                        Data Ascii: ground-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-a
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        145192.168.2.449902216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178152977&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1449 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        146192.168.2.449903104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbPGh1N5ddKhGqIz%2BPtO7Nz2LA4ABeUTF2dxSPJBiCDXx1nrBODohVR2nLYVQHMvxVSeYHp6mJjrXVy7WakRh4QcjpoEOXOtppU3cYtltgNhC1L5e%2FZuuIzHIaM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc386be30f69-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        147192.168.2.449904104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178153 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTihwgbgTvSFXaxu5e0uLkRbuF1MY83H1DwBKAssD2B%2Fn3nFek0ciNdPVQEZCCKn4mmR5z9k%2BvHpIu654WScDLL%2BN4a9N5ziyuGVxyZFD31YYs3ZyfZkBtXfDQU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc3aea878c95-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        148192.168.2.449906216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178152977&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=1893 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        149192.168.2.449905216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178152977&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:54 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        150192.168.2.449907216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:54 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178147267&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=8731 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:55 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        151192.168.2.449908104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:56 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CT%2FgX%2BVOZOSbVAGaIbG9S%2Ff4YWRYEKhRIcM4MM0tS9ZdOzm1t2%2F21X6neYpcTF9C1p2bdJGke0RkSl9ymZK38lEjmhHQllNaNabci7nKTMp68GRxr%2FjFb3ojzMc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc44bed00cae-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        152192.168.2.449909192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1901&rand=0.5844304853361733 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:56 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        153192.168.2.449910192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1901&rand=0.5844304853361733 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:56 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        154192.168.2.44991144.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3488
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:56 UTC3488OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 78 4d 6a 6b 6c 4d 6b 4d 6c 4d 6a 4a 30 59 57 63 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 30 4c 6a 55 75 4e 44 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 7a 63 6d 4d 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 71 63 79 55 79 4d 69 55 79 51 79 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 64 69 55 79 4d 69 55 7a 51 53 55 79 4d 6e 52 79 64 57 55 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 30 4a 54 49
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0ExMjklMkMlMjJ0YWclMjIlM0ElMjI0LjUuNDMlMjIlMkMlMjJzcmMlMjIlM0ElMjJqcyUyMiUyQyUyMmElMjIlM0ElN0IlMjJhJTIyJTNBJTdCJTIydiUyMiUzQSUyMnRydWUlMjIlMkMlMjJ0JTI
                                                                                                                                                                                                                                        2024-04-27 00:35:57 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:57 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:57 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178157282364
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178157281875
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:57 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        155192.168.2.44991244.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:57 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:57 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        156192.168.2.449913198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:58 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        157192.168.2.44991544.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 796
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:59 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:35:59 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178159213445
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178159213050
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        158192.168.2.449917104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:35:58 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1033INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:35:59 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BDFGobz3R3t5KALbFLR32FFawd5Y4IqSOc9jNwz3LxwTN364oFpeXRKpzcXeVpv5jOBz%2FOhDPBEMoSd6GzTuNXPHYVE9URfMZv4ZZaM4rYSs3c%2FpaeFaeHFq8Y%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc56ac1d0f75-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC336INData Raw: 37 62 61 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7bab<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f
                                                                                                                                                                                                                                        Data Ascii: " content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" co
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d
                                                                                                                                                                                                                                        Data Ascii: === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? M
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d
                                                                                                                                                                                                                                        Data Ascii: ghtsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {param
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: /developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: entAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09
                                                                                                                                                                                                                                        Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72
                                                                                                                                                                                                                                        Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (par
                                                                                                                                                                                                                                        2024-04-27 00:35:59 UTC1369INData Raw: 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75
                                                                                                                                                                                                                                        Data Ascii: function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        159192.168.2.449916104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:01 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:01 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eK9Vk3QEU69kjsjzxX%2FSn94bP4JqeegpOxHB5vOnl4mTGTJeSR3D9MvXxY1OPiEcp86Q7lC0ihNJW%2BToxaWthm4HYCl7StVS3wn59B9pDYULwF61aUS2MeQewUE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc660ba69e08-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC549INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC1369INData Raw: 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20
                                                                                                                                                                                                                                        Data Ascii: fault .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC1369INData Raw: 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61
                                                                                                                                                                                                                                        Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC584INData Raw: 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e
                                                                                                                                                                                                                                        Data Ascii: olor: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        160192.168.2.449918104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC1016INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9GcXgk7lRDOjW53FDJFSTYznY5%2B0RoTXQlqBe%2BCEU3n9oGWexw6gIvOKuTd7AfKuJFVMZoXHkgamFvOZRL8SSguj%2FDRQopk0j3kAiYQZMt8SydTFRXTEBsv7h0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc683aa58c3f-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        161192.168.2.449919104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178159 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178153.26.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWUjShHXbsTMPIbGZjJs2nh9GRbLt9v5qre2bnE26gQli%2F7250dAvxGQG8ogEL%2F8d7hGU0VfhzPfr3GUygUGaKWAkkJzV3kaxJP9s1cs6ol1iAlPHNr9JPhiiqE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc697a01c32b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        162192.168.2.449920216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:01 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178160693&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2989 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        163192.168.2.449921216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178152977&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=9393 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        164192.168.2.449923216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178160693&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=3138 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        165192.168.2.44992244.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        166192.168.2.449925192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3229&rand=0.6605735035558935 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        167192.168.2.449926104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9HgLNX4CkfY3dnzt4f5Bxw0uDgZMW7Jf2My3GverYxrPKuwdRzFEZEgO%2FJspL2dizWkeq7IDOOOjSl847l9sKV6LcJLl104mv5gle%2B2S2a8yU%2FIyBJX27ELFds%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc6cd8df42fe-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        168192.168.2.449924216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC1684OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178160693&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:02 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        169192.168.2.449928198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:03 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        170192.168.2.44992744.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3504
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 53 34 7a 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNS4zJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:03 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:03 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178163213398
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178163212834
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        171192.168.2.449929192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:02 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3229&rand=0.6605735035558935 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:03 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:03 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        172192.168.2.44993144.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:05 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        173192.168.2.449932198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:05 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        174192.168.2.44993344.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 792
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:05 UTC792OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:06 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:06 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178166234457
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178166234116
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        175192.168.2.44993444.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:06 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:06 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        176192.168.2.449936104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:07 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lnwgf9CLlk29QPH%2Brmed5EHcMUhPzFvim4PFfpyxinxQH3N5VdzhfSy4RS5myodwZ8WxEZkCfjMiIQAj1nnJ6NZbilnHejEqDGObfaoc%2Fec%2Fa9%2ByRs5gSwdPe0c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc896e014401-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        177192.168.2.449937198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:07 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        178192.168.2.449935104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:08 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:08 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaFTKkmo2P9PoualUHPQKvJffp8xeDwUTTs40hgqIvc407ToL5xX09dA%2BaHm54dErJV3NhA%2Fff6aYPXHQ2rXfKRgB1%2BfAVsPFoi9lq64ayzgdQlZeHmWzg1n7s4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc8ddd151861-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC547INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC1369INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76
                                                                                                                                                                                                                                        Data Ascii: default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .activ
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC1369INData Raw: 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                                        Data Ascii: 0;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC586INData Raw: 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c
                                                                                                                                                                                                                                        Data Ascii: -color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active,
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        179192.168.2.449938216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:07 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178160693&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=8922 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:08 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:08 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        180192.168.2.449939104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178168.11.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:10 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVJFr4CoouJFkBEMf7oFXL%2FElJDwvp6kXviORWpmaaE0g9MaOJ%2Bkl3HmLN7XRwFLM4TH3K6zN6XRmRF9nJ2rrGwTV6yUuORcOPy5TR%2FMOS6MpEyL420PEoWA%2BGM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc98cca40c9e-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        181192.168.2.449941104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178167 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178161.18.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:09 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUYweF5lYkig7YVgEds9%2Bq7sEBqc2EW9fp4n7eGuso%2BLSg%2BGZYb6pZfcoaJNz3CHdjOhA6%2FdRrl84FTdeeLQ%2FTnZEc6A7Nlt7DKweQYSwCCxTftsfSOIkWtdy0c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc99591a41df-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        182192.168.2.449940216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178167090&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2596 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:09 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        183192.168.2.449942216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:09 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178167090&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=2749 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:10 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        184192.168.2.449943216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178167090&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:10 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        185192.168.2.449944192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC691OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2888&rand=0.17584099737033543 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:10 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        186192.168.2.449946104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178168.11.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:11 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZA5izktJnBwgXzWLRblvTsosrhy%2B7K8p%2BhZ9dntiJsLl0%2BIf8pITHZHtDNW5X1WFeai47lGVGHsDFSQnJrQsqw68ZNvnyxO8Zsn3ognY7akJboBND%2B3oS5nmX4A%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabc9fbd747283-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        187192.168.2.44994544.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3504
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:10 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4f 43 34 32 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyOC42JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:11 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:11 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178171104554
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178171104045
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        188192.168.2.449947192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC461OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2888&rand=0.17584099737033543 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:11 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        189192.168.2.44994844.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:11 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:11 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        190192.168.2.449949198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:12 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:12 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        191192.168.2.449951104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:14 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178168.11.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1039INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:15 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKQjpBgI%2BmnjBwwpVXHxWdlllCgj%2FJfoU8LLROkQLNQ6M3f6Ow1hYw7r24mVbuTqgcb0rYWdGYbSL2RL22pDLX%2FUHlt0x%2F07VDqfHsqre4zvtZVReq%2FnenrsIo0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcb8bea1434f-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC330INData Raw: 37 62 61 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba5<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f
                                                                                                                                                                                                                                        Data Ascii: ewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robo
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74
                                                                                                                                                                                                                                        Data Ascii: Query === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: erInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a
                                                                                                                                                                                                                                        Data Ascii: ttps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69
                                                                                                                                                                                                                                        Data Ascii: er',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hi
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27
                                                                                                                                                                                                                                        Data Ascii: perty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined'
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: rs) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = functio
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75
                                                                                                                                                                                                                                        Data Ascii: [t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        192192.168.2.449952216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:14 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178167090&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=7856 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:15 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        193192.168.2.449950104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC886OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178174.5.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC818INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:15 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:15 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILjp9wyyYW4X%2FkG3G6KZD0FLTkGbY6my5ICNwL3r7JyFsu6R2gULI9JNo9v3vgdGZYXC9z3JmcvaCUxIrBuMtffvTgcQ1ZuvZH6H5v5wnVOFNScHjej6aR8DpvM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcbdc94f1760-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC551INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1369INData Raw: 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a
                                                                                                                                                                                                                                        Data Ascii: ult .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC1369INData Raw: 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61 2e 62
                                                                                                                                                                                                                                        Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a.b
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC582INData Raw: 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e 65 64
                                                                                                                                                                                                                                        Data Ascii: or: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .ed
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        194192.168.2.449954104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1017OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178174.5.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC1012INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JApZsIbTGRebA8MWNgWrrh6UqiYg0hB0NRilI61xbboxUebY9m65hbivrKI6aJKcEoojH3WKMFvJ1aF5HUs2jM9c4E5r3%2Fzs5WFlCRDJNUkSrJmGYzflnVrOBQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcbfcca542b0-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        195192.168.2.449955104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC926OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178175 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178174.5.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC739INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMbi0eKwt4qYxgPDXyKt6EG5tJPezC6LQtiersOn5xu8nY3zF5KhFWmS80miwMB7ydRkt2cDsVkVeFiHIb%2BwRQUK2FQgZNzmXzIsBc1UbnfzwPOphxOjqg3oXe8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcc0094f42f5-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        196192.168.2.449953216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:15 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1764 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        197192.168.2.449957216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=2298 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        198192.168.2.449956216.239.34.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC1684OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        199192.168.2.449958192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC687OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:16 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:16 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        200192.168.2.44996044.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3500
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC3500OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 7a 4f 53 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EzOSUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQlMjI
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:19 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:19 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178179501094
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178179500449
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        201192.168.2.449959104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC649OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC813INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:19 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Juoae9xuv73uYDRAykdVqLksFMY0tv36o0qR022mZg3AWn8AsFejUkr%2FpPGRyMPxEu2CwZmndYF9p%2F0QR2kktlLaePpycMJb1XxGt3xG9ryMmoH93M2oeBkPEuc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcd4f9088cca-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        202192.168.2.449961192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC457OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.9114243600301877 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:19 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:19 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        203192.168.2.449964104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:20 UTC998OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:21 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9podmghZxF1J00QwA9Ua8EOCm9RKRpKF%2F7b2wRmSucC7DBYtk3kKoUvvCtbhloV%2Becvja138yT7KW%2FlR3u6GfOUdjC5kg0IK3Adk3G%2BwhxfkR9nS8968BDabLuM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcdd8ef40ccd-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        204192.168.2.44996244.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:21 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:21 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        205192.168.2.449963104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:22 UTC886OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:23 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:23 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t30fbNrAMaYsOwrkdKpUIPI6lGLe3mcHLPuEXF6v%2BMYOe1NIVRwZXa3EdGr22%2B%2FbZJl49zOJcA%2B%2BhK4i%2B1teXWhmU9m2IfvgIE1EuofOov9WBzB23RlT7aNbMdA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabceb2bae726b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC541INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1369INData Raw: 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20
                                                                                                                                                                                                                                        Data Ascii: avbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1369INData Raw: 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a
                                                                                                                                                                                                                                        Data Ascii: et #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC592INData Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61
                                                                                                                                                                                                                                        Data Ascii: ground-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-a
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        206192.168.2.449857151.101.192.1764437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:22 UTC618OUTGET /v3/?ver=v3 HTTP/1.1
                                                                                                                                                                                                                                        Host: js.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        If-None-Match: "206d0cb0f8a398cba3f6c5c045508c70"
                                                                                                                                                                                                                                        If-Modified-Since: Fri, 26 Apr 2024 18:01:23 GMT
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC440INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:22 GMT
                                                                                                                                                                                                                                        Via: 1.1 varnish
                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                        ETag: "206d0cb0f8a398cba3f6c5c045508c70"
                                                                                                                                                                                                                                        X-Request-ID: 16e91fd8-2656-4b50-9f00-7cf227f47b54
                                                                                                                                                                                                                                        X-Served-By: cache-lga21979-LGA
                                                                                                                                                                                                                                        X-Cache: HIT
                                                                                                                                                                                                                                        X-Cache-Hits: 0
                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Timing-Allow-Origin: *


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        207192.168.2.449965104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC926OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178180 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178175.4.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:23 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnAX%2FDDWxwTXHwPbo4UNMYJeOlGsads5%2FS7gShXcsV65SqQU6ioPtRR8JAWpg6EATafI7%2FboWfORhA5%2FZP4b7cHJuIORamDTVGLb%2FKzagBIb3BACI3hijbFBz9Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcee6c4941f3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        208192.168.2.449966104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178182.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC1012INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5Byzri463Gr%2B3VhTMgENNIKIElzspKSl3hFjxLq8aXkwX7r1TWfeL1HEFZkNN221YpV8qDsdhdYQ8yoXTIrEvgazB8edNSJ89Tumk9HW0fKZdqth0Vx3lWt09M%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcf0bb5d1799-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        209192.168.2.449969216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1244OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178181863&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=3097 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:23 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        210192.168.2.449968216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178181863&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=3191 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        211192.168.2.449967216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1684OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178181863&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:23 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        212192.168.2.449972192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3282&rand=0.5681925783642812 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:23 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        213192.168.2.449971198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        214192.168.2.449970216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:23 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178174662&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=9768 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        215192.168.2.449974192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3282&rand=0.5681925783642812 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        216192.168.2.449975104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178182.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igDd5FmsF%2Bk5FkWRZUNTv3T4Rj7uP0GM8q2Qm4wjbRJegvh5Q%2F4OCnoZ6q9KA21B2%2BToKEepdbOeui4RxTzjsA8bgryE7YB1Ax6dQkMHMr3SEexxeCgIBqjDsxw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabcf5d889c33b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:24 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        217192.168.2.44997635.190.80.14437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC521OUTOPTIONS /report/v4?s=Juoae9xuv73uYDRAykdVqLksFMY0tv36o0qR022mZg3AWn8AsFejUkr%2FpPGRyMPxEu2CwZmndYF9p%2F0QR2kktlLaePpycMJb1XxGt3xG9ryMmoH93M2oeBkPEuc%3D HTTP/1.1
                                                                                                                                                                                                                                        Host: a.nel.cloudflare.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Request-Method: POST
                                                                                                                                                                                                                                        Access-Control-Request-Headers: content-type
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC336INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        content-length: 0
                                                                                                                                                                                                                                        access-control-max-age: 86400
                                                                                                                                                                                                                                        access-control-allow-methods: OPTIONS, POST
                                                                                                                                                                                                                                        access-control-allow-origin: *
                                                                                                                                                                                                                                        access-control-allow-headers: content-length, content-type
                                                                                                                                                                                                                                        date: Sat, 27 Apr 2024 00:36:24 GMT
                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        218192.168.2.44997344.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3500
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC3500OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 31 4d 79 34 34 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E1My44JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:25 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:25 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178185741571
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178185740965
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:25 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        219192.168.2.44997735.190.80.14437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:26 UTC469OUTPOST /report/v4?s=Juoae9xuv73uYDRAykdVqLksFMY0tv36o0qR022mZg3AWn8AsFejUkr%2FpPGRyMPxEu2CwZmndYF9p%2F0QR2kktlLaePpycMJb1XxGt3xG9ryMmoH93M2oeBkPEuc%3D HTTP/1.1
                                                                                                                                                                                                                                        Host: a.nel.cloudflare.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3243
                                                                                                                                                                                                                                        Content-Type: application/reports+json
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:26 UTC3243OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 33 32 35 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 34 36 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 36 2e 35 2e 31 30 32 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70
                                                                                                                                                                                                                                        Data Ascii: [{"age":13250,"body":{"elapsed_time":646,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.26.5.102","status_code":400,"type":"http.error"},"type":"network-error","url":"https://bitsum.com/wp
                                                                                                                                                                                                                                        2024-04-27 00:36:27 UTC168INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        content-length: 0
                                                                                                                                                                                                                                        date: Sat, 27 Apr 2024 00:36:26 GMT
                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        220192.168.2.449978104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:27 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178182.60.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1039INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:28 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYW3NEE0jFoX2q04%2BTQkt0RJpEBb3YiWw%2Fsjpecl7l1o4nF%2FbULqb8ofiKPhs1c1D6s4u60LVPov%2BXFYBY%2FDD3Iq2IudF1YmW0J8FG4siJsHDBuOzAQKuBsdHDk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd097e420f74-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC330INData Raw: 37 62 61 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba5<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f
                                                                                                                                                                                                                                        Data Ascii: ewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robo
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74
                                                                                                                                                                                                                                        Data Ascii: Query === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: erInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a
                                                                                                                                                                                                                                        Data Ascii: ttps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69
                                                                                                                                                                                                                                        Data Ascii: er',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hi
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27
                                                                                                                                                                                                                                        Data Ascii: perty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined'
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                        Data Ascii: rs) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = functio
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75
                                                                                                                                                                                                                                        Data Ascii: [t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        221192.168.2.44998244.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:28 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        222192.168.2.44998144.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 796
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:28 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:28 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178188784911
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178188784482
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        223192.168.2.449979104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178187.55.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC830INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:28 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:28 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Z4RE3l90YD%2BKBXZuDm1cHp8TSSbeF1%2FUkfxif7XCgizQ7fnLnHX98hz0hIVOwCjBfGN7Iu3m8EJbEZ%2FJ9hqyFY%2FGa9yt%2FDCkebFJNKPm94%2FxEZiF%2BBG5M0gr68%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd0f387f0f7d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC539INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61
                                                                                                                                                                                                                                        Data Ascii: .navbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-na
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1369INData Raw: 74 73 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f
                                                                                                                                                                                                                                        Data Ascii: tset #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_butto
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC594INData Raw: 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c
                                                                                                                                                                                                                                        Data Ascii: ckground-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        224192.168.2.449984216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178187553&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1283 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:28 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        225192.168.2.449986104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178187.55.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC1022INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2Nk2rL5JRBQJevyE%2F8fG6F2vWJgSqwVUFZGKwNHLN%2BzrFu7HP%2B%2BBbyYrGHHP%2F2gr8txG4eMeoG6dA33uoJA0cpHLZp2CMNTzt%2BxY6sXJJnwQQHhywyyWv6KASM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd10eded42ea-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        226192.168.2.449985104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178187 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178187.55.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDPKvYrKsvGyedVPMmyKM4ZRqLaGV7y%2FhFZJ81B0BzBY7Dp4zUWT%2FbNvIOnrA33sHpndZun3wfmkdaDz9OO%2F1frfyEmVbbCyOV6cMS5itBxuFA9leywbcez88F8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd119c2f437b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        227192.168.2.449988198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        228192.168.2.449987216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:28 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178181863&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=8352 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        229192.168.2.449990216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178187553&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=1847 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        230192.168.2.449991216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178187553&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        231192.168.2.44998944.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        232192.168.2.449992192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1852&rand=0.7873146752310403 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        233192.168.2.44999444.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3504
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4d 79 34 34 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyMy44JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:29 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178189961291
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178189960679
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        234192.168.2.449995192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1852&rand=0.7873146752310403 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:29 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        235192.168.2.449996198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:29 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:30 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:30 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        236192.168.2.449993104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:31 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:31 UTC811INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:31 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9i0CIPs628QhOhGhD2O6GW1yxP2i8lEc7PiXdV1Yx8wnxyQT1M8wbH3Mry8EGzavPTz8xOn8nR48S6idgnVvJOfA13EK1TvMbpZa%2BenNPlCfvmOSbUX4aBYWWQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd1f7917c459-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:31 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        237192.168.2.44999744.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:31 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:32 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        238192.168.2.44999844.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 792
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC792OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4a 6b 59 32 59 7a 4d 44 6c 6d 4c 57 4d 35 4d 54 51 74 4e 44 59 33 4e 53 31 69 4e 7a 41 7a 4c 54 4e 6a 5a 47 46 68 5a 54 41 78 4e 54 51 33 4d 6a 51 78 4f 54 51 33 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 4e 6d 4e 57 49 7a 4f 44 46 6d 4c 57 51 31 5a 44 4d 74 4e 44 52 6c 5a 53 30 35 4e 54 63 79 4c 54 49 30 4e 47 52 6d 4d 54 63 33 4e 54 67 78 4d 44 55 33 4e 54 51 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmJkY2YzMDlmLWM5MTQtNDY3NS1iNzAzLTNjZGFhZTAxNTQ3MjQxOTQ3MyUyMiUyQyUyMnNpZCUyMiUzQSUyMmNmNWIzODFmLWQ1ZDMtNDRlZS05NTcyLTI0NGRmMTc3NTgxMDU3NTQ0MCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:32 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:32 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178192440834
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178192439789
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        239192.168.2.449999198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:32 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:32 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        240192.168.2.45000044.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:33 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        241192.168.2.450001198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:33 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        242192.168.2.450003104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:33 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:34 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGqQmslcVsldr11ypDaggrjTitMI7QyfxCZeGH%2FqotayV2OwBN0zGNcXVfrzsZuGXBFx%2FvLaXi2a1FGreiauMnA3Sk%2BuB5yNHAc5sDKh%2B6gt2Nor0TJba9oIScE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd317a6343c3-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                                        Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                                        Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                                        Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                                        Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                                        Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                                        Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                                        Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                                        2024-04-27 00:36:34 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                                        Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        243192.168.2.450002104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC832INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:36 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:36 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cm2lUJsoZ4XgqL%2B0zeScFsv8clrvy0I6KvXZDrIRDburDqFoJU14%2Bt8tMzz1Pxkd%2FjQUjoBBorwhhcyANFI%2Fth2NXElI4w8Ij2IehqA%2BcR%2F%2B5gu%2Flvjzp3DsQiI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd3d9adb41c6-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC537INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC1369INData Raw: 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d
                                                                                                                                                                                                                                        Data Ascii: ,.navbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC1369INData Raw: 6f 75 74 73 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74
                                                                                                                                                                                                                                        Data Ascii: outset #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_but
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC596INData Raw: 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d
                                                                                                                                                                                                                                        Data Ascii: background-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        244192.168.2.450004104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178194 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178188.54.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:36 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDgqGRr04brUSZAS7Ra219Ong5%2FuQnbOVXwBiCC7ejNBZ0lHlCncUpBivWJQm66JAAfU7xhP4YYaNJSo2%2FdtUBgGN1lGSdemJ8L5bXRa5WUbfxpQ54tR81EIlgA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd3fdd45c3fd-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        245192.168.2.450006104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVvSHrsIN8qqkdWnOIvjbMUU81BG8Ylzq095gdvWsenJYwa3vY73i4hy5eEoOd87Bm2QiQ5SBF0McoclAWGY%2BKeM6pefGEy3%2FUHDacAtJRyPsnxpIWgGg5TPlxg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd418de70f7d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        246192.168.2.450005216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178195136&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2555 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:36 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        247192.168.2.450008216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:36 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178195136&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=2650 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        248192.168.2.450010192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        249192.168.2.450009216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC1691OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178195136&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        250192.168.2.450013192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3020&rand=0.2054094452619757 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        251192.168.2.450014104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:38 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:38 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wtA73anO05ZYs83Fwt436A1oS%2FV2%2FvEyZPbFArJGEjhgXOm9I9L6N%2FsQdznxB%2Bujobq%2BsZr2qQ5JMPfTmlVnFOWdBAaDPfGHKt47QPhK4WO86QSr7sbGYmj26k%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd46b96e1a0f-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:38 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        252192.168.2.45001244.240.201.864437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3472
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC3472OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 34 4d 69 34 30 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E4Mi40JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:37 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178197731886
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178197731652
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        253192.168.2.450011216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178187553&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=9781 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:37 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:37 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        254192.168.2.45001544.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:38 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:38 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:38 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:38 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        255192.168.2.450016198.137.150.1414437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:40 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:40 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        256192.168.2.450018104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1045INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:41 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ln3F7E5NVdQ5qfeh2mIz0XRcg52qbnMRgYHR%2BvoP9J8wCBHKvcJnuZ6nE6Nx%2F5C7XegWIwTa1qaAZ%2Fr%2F%2BzU9HYW51UEr8KamH7%2B8T1hBaQ%2BZ63M%2FXPh8rGoMdzc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd5d5b188c39-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC324INData Raw: 37 62 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7b9f<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: me="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27
                                                                                                                                                                                                                                        Data Ascii: xcludeQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === '
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 2e 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a
                                                                                                                                                                                                                                        Data Ascii: .MonsterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 09 09 2f 2a 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b
                                                                                                                                                                                                                                        Data Ascii: /* https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Track
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 09 09 09 09 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20
                                                                                                                                                                                                                                        Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object')
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 72 65 66 65 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74
                                                                                                                                                                                                                                        Data Ascii: referrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}ret
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 4f 77 6e 50 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65
                                                                                                                                                                                                                                        Data Ascii: OwnProperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'unde
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66
                                                                                                                                                                                                                                        Data Ascii: rameters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = f
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1369INData Raw: 20 65 3d 3d 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75
                                                                                                                                                                                                                                        Data Ascii: e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\u


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        257192.168.2.450017104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:42 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6yhBVR5l0WAhoLjOlVxwlU4SGxOHornx6IA7fxF03F59oZ8Xi8L%2BTPiVpdZ3HDYIUqjNRlWktvrzN4YtQODNqOrhUbOaYfPOr7UzloZja%2B8gw2BAEImVe4beB4E%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd61cd69c352-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC549INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1369INData Raw: 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20
                                                                                                                                                                                                                                        Data Ascii: fault .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1369INData Raw: 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61
                                                                                                                                                                                                                                        Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC584INData Raw: 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e
                                                                                                                                                                                                                                        Data Ascii: olor: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        258192.168.2.450021216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:41 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178195136&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=7926 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        259192.168.2.450022104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcvVF8i%2B0eQdXhD62HMNrgel4hQojca%2FyRvMwWfBmFw8t4BwwkG8J3EyHnrrd0FUxRATUXPYSJsM5WpBAgTR8LJTWJcF2AvkkzXyVl3cd3NQ5MuFqOf4mTu6Tho%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd6408f24322-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        260192.168.2.450024104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178201 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178195.47.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhAfOqxCXcHFpHrSCUpqI25SSoeOWKXBvL3hKUQBqMS8%2F8PtU48Z8V%2Fa2QAROpGgOVEnYwGNjMQsGF5GEEDyJ182oLPY8U2kaoCMd8%2Fl2Xk9iuooqy2uczX5ISg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd6459af8c60-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        261192.168.2.450023216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178200995&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1323 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        262192.168.2.450025216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178200995&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=1554 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        263192.168.2.450026216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178200995&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        264192.168.2.450027192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1673&rand=0.4563951407778424 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:42 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        265192.168.2.450028104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:43 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQJxNoIpH2gzNJKMexqSh%2B6oRD37SQyu4FXfacMBEM9or12KYqYAlzlxYx50LD6Pd6h%2BFjnElUM0rJmMb84zfmWv%2FElM0yVWuqMke5IFd4AQGXWgzcIa4qLaQoI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd69ba0e437e-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        266192.168.2.450030192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:42 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1673&rand=0.4563951407778424 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:43 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        267192.168.2.45002944.238.18.2174437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3512
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC3512OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 78 4d 6a 51 75 4d 69 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0ExMjQuMiUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQ
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:43 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:43 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178203514138
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178203513786
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:43 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        268192.168.2.45003144.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:45 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:45 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:45 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:45 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        269192.168.2.450032198.202.176.814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:45 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:46 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:46 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        270192.168.2.450033104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1031INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:47 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqeV6K8EWTTbk0VNShIRneYW7b6VDTqzjM9vGc7aJDHQrYXpfM%2FevSv7iK9PJsYSIsmmLzyKL8iRVoQMjvP3tPhAAMErFrGgDAdDGHzqi9rK1C6nHxIRqJlp2ao%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd83f8d042a5-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC338INData Raw: 37 62 61 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7bad<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74
                                                                                                                                                                                                                                        Data Ascii: content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" cont
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e
                                                                                                                                                                                                                                        Data Ascii: = 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? Mon
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d 65 74
                                                                                                                                                                                                                                        Data Ascii: tsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {paramet
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09 7d 3b
                                                                                                                                                                                                                                        Data Ascii: evelopers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();};
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 4f 62
                                                                                                                                                                                                                                        Data Ascii: tAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {Ob
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: pIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d
                                                                                                                                                                                                                                        Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (param
                                                                                                                                                                                                                                        2024-04-27 00:36:47 UTC1369INData Raw: 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62
                                                                                                                                                                                                                                        Data Ascii: nction u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        271192.168.2.450034104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:48 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178201.41.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC832INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:49 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:49 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FI7sdfNcoNxa7J2HMJnx8iAX%2BLmrwmDCtX%2B6ohBwOD%2Fpf1jQ%2ByPx1iUOvmmE5wng14uPqB%2F4A%2Fsay6r2In71VL14v228Oe%2BOua7QOoyhlZZ1MW7Xp%2F9KbvwmJQU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd8e0dc58c7d-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC537INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1369INData Raw: 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d
                                                                                                                                                                                                                                        Data Ascii: ,.navbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1369INData Raw: 6f 75 74 73 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74
                                                                                                                                                                                                                                        Data Ascii: outset #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_but
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC596INData Raw: 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d
                                                                                                                                                                                                                                        Data Ascii: background-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        272192.168.2.450035104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:49 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAd43YWAchelmUjuseVpqzWzL3LQ65azl52oKoJWrz%2FR%2FBYQowdzGEeXDn8ETLQreGrrwLZRHxR4JoAY6FQrdy9j6f%2BlEMYbHw7Tb46L1yrWpAVpi8Z%2BLkF3jV4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd916c3d43e2-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        273192.168.2.450037104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178207 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:49 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aWVaeFDTazVxLd4l%2BHHmJ9JFsVhL2EvIevMoBjwWSn4IpFoNeGoZ9C%2BEBI4dbmTPVmXcUx79Oijd4Qb0LAe4yAvWkxDXwqfpVJZQTYClZczzq%2FrYCZTv7A1Lcc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd928ceb43ff-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        274192.168.2.450036216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178207933&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2183 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:49 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        275192.168.2.450038216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178207933&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=7&tfd=2609 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        276192.168.2.450041192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2620&rand=0.6121610810402847 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        277192.168.2.450039216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:49 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178200995&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=8910 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        278192.168.2.450040216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC1692OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178207933&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        279192.168.2.450042104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC813INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aetHr0fz9EbCfotg2EXI69ofF2PzMghCyUdqH%2BDIWdlBTH%2BB8B38Q49RYUO9zxihYFOo67oOm2z7ApPbk8jDCOXlQhGqUHSkXyO3dnKI6Setpi2PttruDhvlqro%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabd963fb372b6-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        280192.168.2.450044192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2620&rand=0.6121610810402847 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        281192.168.2.45004344.238.18.2174437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3512
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC3512OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 53 34 34 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNS44JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:50 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:50 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178210726372
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178210725659
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:50 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        282192.168.2.45004544.237.125.2194437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:51 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:51 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:51 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:51 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        283192.168.2.450047104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:54 UTC999OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178208.34.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1035INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:55 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                                        Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPbi9nnoLaJHD6NwSuzuJpxoJ6mYiWWTloD9v1MVibS9hEb8%2FE%2FyltNg69J90C0x66ANR60iNKE1lZOvJqjYBp1IBUoZ2sysTEH31q05ndniYYwB3TsrDG%2BXknw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabdb0cd328c6b-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC334INData Raw: 37 62 61 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                                        Data Ascii: 7ba9<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20
                                                                                                                                                                                                                                        Data Ascii: rt" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots"
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f
                                                                                                                                                                                                                                        Data Ascii: y === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ?
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72
                                                                                                                                                                                                                                        Data Ascii: sightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {par
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: ://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                        Data Ascii: eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09
                                                                                                                                                                                                                                        Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a
                                                                                                                                                                                                                                        Data Ascii: y(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70
                                                                                                                                                                                                                                        Data Ascii: {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (p
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35
                                                                                                                                                                                                                                        Data Ascii: )}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        284192.168.2.450048198.202.176.814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:54 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:55 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        285192.168.2.450049216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:54 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178207933&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=7723 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:55 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        286192.168.2.450046104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC887OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:55 GMT
                                                                                                                                                                                                                                        Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Sun, 27 Apr 2025 00:36:55 GMT
                                                                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufU%2B4kHudR0pZgHaeE453g69lyJ2H4SC8NHs2WbZHdPueYpTtaXIKWpgpp%2FDuFSPep%2FJTDx38jMkoIpRAKQ7dIAgRQp%2BzcpriHBdvhznfAIiASfXLzSxII4TJGI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabdb67d4472a5-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                                        Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                                        Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                                        Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                                        Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        287192.168.2.450051104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1018OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 136
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                                        X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                                        Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC1012INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 120
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8RPhqixF2xLbs0ACpQi5JXCwH158rbUi6Sp3QXGLZBUnPV1DGlSL3Frx9440l3oHTno0NAYABLukaqgUCRTZXk0EPDnZKMHRFAcg96TycLGe%2FkqHpWII3Jul4Oo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabdb89d9f192c-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                                        Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        288192.168.2.450052104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC927OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714178214 HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: style
                                                                                                                                                                                                                                        Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC749INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:55 GMT
                                                                                                                                                                                                                                        Content-Type: text/css
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                                        ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: MISS
                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUvz0Y%2FZVu6gcrH%2Bc7t7yAaijaCPU32sSE15G5Rm4gXTsmP5DfO8ZpfKct5fI6iy9n%2BOnZNJXKGqL3oqUPqK77lGTpE%2Frmu1qLb%2FLz3dybzX7EFzMLy%2FO1QCZ7c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabdb8abfe41fe-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        289192.168.2.450050216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:55 UTC1237OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178214348&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1213 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        290192.168.2.450053216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC1236OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178214348&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=1599 HTTP/1.1
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        291192.168.2.450055192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1709&rand=0.9026727643311079 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: image
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        292192.168.2.450054216.239.38.1814437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC1684OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je44o0v890333677za200&_p=1714178214348&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=1877982582.1714178120&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714178119&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr6.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr44.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr74.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true& [TRUNCATED]
                                                                                                                                                                                                                                        Host: analytics.google.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://bitsum.com
                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://bitsum.com/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                        Server: Golfe2
                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                        Connection: close


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        293192.168.2.450056104.26.5.1024437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC650OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                                        Host: bitsum.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: PHPSESSID=6589i1ceno91cucv8e2oi256ha; _ga=GA1.1.1877982582.1714178120; edduh_hash=1f199ca0056c8ccf04b80e579631bdb5; __stripe_mid=bdcf309f-c914-4675-b703-3cdaae015472419473; __stripe_sid=cf5b381f-d5d3-44ee-9572-244df1775810575440; _ga_ZV0D0J286B=GS1.1.1714178119.1.1.1714178214.28.0.0
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC821INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                        Content-Length: 1
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                        X-Robots-Tag: noindex
                                                                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwIyE29X63hVYmUhr4dCl%2BAeISUjtLATTbhGLkm8eWodKLiQEw9A5qsUK7JdJZEhiZjR%2BwDNgmz5U%2FN%2Bo%2F5kPhMUPDx4mw0FOO36F4Y%2BL763XXPqBrQnHYBjAk4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                        CF-RAY: 87aabdbcd8987d13-EWR
                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC1INData Raw: 30
                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        294192.168.2.450058192.0.76.34437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1709&rand=0.9026727643311079 HTTP/1.1
                                                                                                                                                                                                                                        Host: pixel.wp.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:56 GMT
                                                                                                                                                                                                                                        Content-Type: image/gif
                                                                                                                                                                                                                                        Content-Length: 50
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                                        Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                        295192.168.2.45005744.238.18.2174437268C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        Content-Length: 3464
                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Referer: https://m.stripe.network/
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988
                                                                                                                                                                                                                                        2024-04-27 00:36:56 UTC3464OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 53 34 35 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                                        Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNS45JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                                        2024-04-27 00:36:57 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:57 GMT
                                                                                                                                                                                                                                        Content-Length: 156
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        set-cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988;Expires=Mon, 27-Apr-2026 00:36:57 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                                        x-content-type-options: nosniff
                                                                                                                                                                                                                                        x-stripe-server-envoy-start-time-us: 1714178217160142
                                                                                                                                                                                                                                        x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                                        x-envoy-attempt-count: 1
                                                                                                                                                                                                                                        x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                                        x-stripe-client-envoy-start-time-us: 1714178217159910
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:57 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 62 64 63 66 33 30 39 66 2d 63 39 31 34 2d 34 36 37 35 2d 62 37 30 33 2d 33 63 64 61 61 65 30 31 35 34 37 32 34 31 39 34 37 33 22 2c 22 67 75 69 64 22 3a 22 63 61 31 64 62 30 61 64 2d 33 32 31 63 2d 34 63 38 33 2d 62 63 64 33 2d 36 66 37 38 63 64 37 38 33 33 37 30 36 35 35 39 38 38 22 2c 22 73 69 64 22 3a 22 63 66 35 62 33 38 31 66 2d 64 35 64 33 2d 34 34 65 65 2d 39 35 37 32 2d 32 34 34 64 66 31 37 37 35 38 31 30 35 37 35 34 34 30 22 7d
                                                                                                                                                                                                                                        Data Ascii: {"muid":"bdcf309f-c914-4675-b703-3cdaae015472419473","guid":"ca1db0ad-321c-4c83-bcd3-6f78cd783370655988","sid":"cf5b381f-d5d3-44ee-9572-244df1775810575440"}


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                        296192.168.2.45005944.237.125.219443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:57 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                                        Host: m.stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: m=ca1db0ad-321c-4c83-bcd3-6f78cd783370655988; cid=92483e88-412a-43a5-828c-19c846617d0a
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:58 GMT
                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                        Content-Length: 138
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Location: https://stripe.com
                                                                                                                                                                                                                                        Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                        Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                                        Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                        297192.168.2.450060198.202.176.81443
                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                                        Host: stripe.com
                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                        Cookie: cid=92483e88-412a-43a5-828c-19c846617d0a; __Host-stripe.mkt.csrf=85tLUUz43tXPjUHIdzu74v7AjQjtUSqU0kBBg_fMCrzc9WN0HX6wkQbh05FEdX35KPOmynphydfwRaKNndmKDzw-AcAXe4YkSDUuvlflYT5qafX53ZEeflBBgPdp3sQ6zIXhFjyD3w%3D%3D
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC4149INHTTP/1.1 200 OK
                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                        Date: Sat, 27 Apr 2024 00:36:58 GMT
                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                        Content-Length: 2259729
                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                        Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                                        Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                                        Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                        X-Mkt-Cache: HIT
                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC12235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 64 65 73 6b 74 6f 70 4e
                                                                                                                                                                                                                                        Data Ascii: rowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:var(--backgroundColor)}@media (max-width:599px){.SiteHeader{--tabletOverlayDisplay:none}}@media (max-width:899px){.SiteHeader{--desktopN
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 20 34 70 78 20 30 20 30 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 69 6e 73 65 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 20 30 20 63 61 6c 63 28 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 50 61 64 64 69 6e 67 29 2a 2d 31 29 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 23 66 36 66 39 66 62 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 76 61 72 28 2d 2d
                                                                                                                                                                                                                                        Data Ascii: ;border-radius:4px 4px 0 0;z-index:1}.MobileMenu__header:before{content:"";position:absolute;inset:calc(var(--siteMobileMenuPadding)*-1) calc(var(--siteMobileMenuPadding)*-1) 0 calc(var(--siteMobileMenuPadding)*-1);border:solid #f6f9fb;border-width:var(--
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 72 64 53 68 61 64 6f 77 4d 61 72 67 69 6e 3a 76 61 72 28 2d 2d 63 61 72 64 53 68 61 64 6f 77 58 4c 61 72 67 65 4d 61 72 67 69 6e 29 7d 2e 53 69 74 65 4d 65 6e 75 5f 5f 73 65 63 74 69 6f 6e 7b 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 35 30 25 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 53 65 63 74 69 6f 6e 4f 66 66 73 65 74 29 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 74 72 61 6e 73 69
                                                                                                                                                                                                                                        Data Ascii: rdShadowMargin:var(--cardShadowXLargeMargin)}.SiteMenu__section{--siteMenuSectionOffset:0;display:inline-block;position:absolute;top:0;left:50%;transform:translateX(-50%) translateX(var(--siteMenuSectionOffset));transition:var(--siteMenuTransition);transi
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 67 68 74 29 7d 2e 43 6f 70 79 5f 5f 74 69 74 6c 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 74 69 74 6c 65 41 6e 63 68 6f 72 44 69 73 70 6c 61 79 2c 62 6c 6f 63 6b 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 63 61 6c 63 28 2e 35 70 78 20 2b 20 76 61 72 28 2d 2d 74 69 74 6c 65 4c 69 6e 65 48 65 69 67 68 74 29 2a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 20 2d 20 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 2f 32 29 3b 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 68 65 61 64 65 72 50 61 64 64 69 6e 67 4c 65 66 74 29 2a 2d 31 29 3b 77 69 64 74 68 3a 31 70 78 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 29 3b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                                        Data Ascii: ght)}.Copy__title:before{display:var(--titleAnchorDisplay,block);position:absolute;top:calc(.5px + var(--titleLineHeight)*var(--titleFontSize)/2 - var(--titleFontSize)/2);left:calc(var(--headerPaddingLeft)*-1);width:1px;height:var(--titleFontSize);backgro
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 7b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 56 65 72 74 69 63 61 6c 50 61 64 64 69 6e 67 3a 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 49 6e 70 75 74 4d 69 6e 48 65 69 67 68 74 3a 32 38 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 46 6f 6e 74 53 69 7a 65 3a 31 33 70 78 3b 2d 2d 63 68 65 63 6b 6f 75 74 50 68 6f 6e 65 42 61 63 6b 54 6f 41 72 72 6f 77 48 65 69 67 68 74 3a 31 30 70 78 7d 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 2d 2d 73 63 61 6c 65 4c 61 72 67 65 20 2e 43 68 65 63 6b 6f 75 74 50 68 6f 6e 65 47 72 61 70 68 69 63 5f 5f 61 70 70 6c 65 50 61 79 7b 68 65 69 67 68 74 3a 31 36 70 78 7d 2e 43 68 65 63 6b 6f 75 74
                                                                                                                                                                                                                                        Data Ascii: eckoutPhoneGraphic--scaleLarge{--checkoutPhoneVerticalPadding:8px;--checkoutPhoneInputMinHeight:28px;--checkoutPhoneFontSize:13px;--checkoutPhoneBackToArrowHeight:10px}.CheckoutPhoneGraphic--scaleLarge .CheckoutPhoneGraphic__applePay{height:16px}.Checkout
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 6d 69 6c 79 3a 53 6f 75 72 63 65 43 6f 64 65 50 72 6f 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 31 61 39 33 30 32 34 37 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 61 63 36 37 31 33 64 35 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69
                                                                                                                                                                                                                                        Data Ascii: mily:SourceCodePro;src:url(https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2) format("woff2"),url(https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff) format("woff");font-weight:500;font-style:normal;font-display:block}}@media (max-wi
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 63 65 6e 74 43 6f 6c 6f 72 3a 23 31 34 64 34 33 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 65 65 61 38 30 30 3b 2d 2d 63 6f 6d 70 6c 69 6d 65 6e 74 61 72 79 43 6f 6c 6f 72 3a 23 31 35 62 65 35 33 7d 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 4c 65 6d 6f 6e 4c 69 6d 65 20 2e 74 68 65 6d
                                                                                                                                                                                                                                        Data Ascii: centColor:#14d433}.flavor--LemonLime.accent--Yellow,.flavor--LemonLime .accent--Yellow{--accentColor:#eea800;--complimentaryColor:#15be53}.flavor--LemonLime.theme--Dark.accent--Yellow,.flavor--LemonLime.theme--Dark .accent--Yellow,.flavor--LemonLime .them
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 6c 6f 62 61 6c 2d 66 31 65 65 66 66 61 65 31 64 65 33 32 34 32 66 63 63 61 39 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d
                                                                                                                                                                                                                                        Data Ascii: " media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css" media="print" data-js-lazy-style> <link rel="stylesheet" href=
                                                                                                                                                                                                                                        2024-04-27 00:36:58 UTC16384INData Raw: 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 43 61 72 64 46 69 65 6c 64 2d 37 33 39 65 32 38 35 65 64 65 65 63 65 61 39 38 36 65 64 30 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 46 69 65 6c 64 49 6e 70 75 74 47 72 69 64 2d 32 38 31 66 61 36 61 39 32 63 32 65 33 63 61 61 31 34 63 39 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22
                                                                                                                                                                                                                                        Data Ascii: ="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css"><link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css"><link rel="stylesheet"


                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                        Start time:02:34:51
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe"
                                                                                                                                                                                                                                        Imagebase:0x580000
                                                                                                                                                                                                                                        File size:2'994'544 bytes
                                                                                                                                                                                                                                        MD5 hash:5AE909472F400D4341E93DF71D808377
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:1
                                                                                                                                                                                                                                        Start time:02:34:56
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(79)/
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                        Start time:02:34:56
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1896,i,18253400173548351382,657115916745803150,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:4
                                                                                                                                                                                                                                        Start time:02:34:57
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\PostUpdate.exe"
                                                                                                                                                                                                                                        Imagebase:0x7ff61d380000
                                                                                                                                                                                                                                        File size:683'920 bytes
                                                                                                                                                                                                                                        MD5 hash:B011082B19F6B97E7EF8611B31C60CE2
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                        • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                        • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:5
                                                                                                                                                                                                                                        Start time:02:35:01
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\bitsumsessionagent.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
                                                                                                                                                                                                                                        Imagebase:0x7ff714b60000
                                                                                                                                                                                                                                        File size:185'744 bytes
                                                                                                                                                                                                                                        MD5 hash:15A2FFF14C68DDDB8DC868ABEBDB6B6A
                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                        • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                        • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:6
                                                                                                                                                                                                                                        Start time:02:35:01
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\ProcessLasso.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:/postupdate
                                                                                                                                                                                                                                        Imagebase:0x7ff72d810000
                                                                                                                                                                                                                                        File size:1'880'984 bytes
                                                                                                                                                                                                                                        MD5 hash:4D2AAE8E1F74C5A153CA003546FF217C
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                        • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                        • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                                                                        Start time:02:35:04
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\bitsumsessionagent.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
                                                                                                                                                                                                                                        Imagebase:0x7ff714b60000
                                                                                                                                                                                                                                        File size:185'744 bytes
                                                                                                                                                                                                                                        MD5 hash:15A2FFF14C68DDDB8DC868ABEBDB6B6A
                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:9
                                                                                                                                                                                                                                        Start time:02:35:15
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                                                                        Start time:02:35:15
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1720,i,12997719605534959893,6831416874331468599,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                        Start time:02:35:22
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                                                        Start time:02:35:23
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1992,i,4293187705668066289,15972859039918454721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:15
                                                                                                                                                                                                                                        Start time:02:35:30
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                        Start time:02:35:31
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1964,i,13270427420856175794,1509384985464530,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:17
                                                                                                                                                                                                                                        Start time:02:35:36
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                                                                        Start time:02:35:38
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,6968930643493135927,8005255390743799941,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:20
                                                                                                                                                                                                                                        Start time:02:35:44
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:21
                                                                                                                                                                                                                                        Start time:02:35:45
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1896,i,7178996704446796536,16546988757165640423,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:22
                                                                                                                                                                                                                                        Start time:02:35:51
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:23
                                                                                                                                                                                                                                        Start time:02:35:51
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,14095325021809620615,2370060676840329805,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:24
                                                                                                                                                                                                                                        Start time:02:35:57
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:25
                                                                                                                                                                                                                                        Start time:02:35:57
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1960,i,15884539196100534553,13935790719083973572,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:26
                                                                                                                                                                                                                                        Start time:02:36:05
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:27
                                                                                                                                                                                                                                        Start time:02:36:06
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,7770318286161706758,8697429217068731838,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:28
                                                                                                                                                                                                                                        Start time:02:36:12
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:29
                                                                                                                                                                                                                                        Start time:02:36:13
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1980,i,14311972056982275594,10984696189209996236,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:31
                                                                                                                                                                                                                                        Start time:02:36:19
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:32
                                                                                                                                                                                                                                        Start time:02:36:19
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1844,i,6611676962095983694,9654412610864421321,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:33
                                                                                                                                                                                                                                        Start time:02:36:26
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:34
                                                                                                                                                                                                                                        Start time:02:36:26
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,3494391659014450711,15666856029738290658,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:35
                                                                                                                                                                                                                                        Start time:02:36:32
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:36
                                                                                                                                                                                                                                        Start time:02:36:32
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2000,i,17513695124220267583,1691441907676113592,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:37
                                                                                                                                                                                                                                        Start time:02:36:39
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:38
                                                                                                                                                                                                                                        Start time:02:36:40
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1976,i,5733970221364913042,4539587496349365289,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:39
                                                                                                                                                                                                                                        Start time:02:36:45
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:40
                                                                                                                                                                                                                                        Start time:02:36:46
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,1855896387700206653,3917910617862819512,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:41
                                                                                                                                                                                                                                        Start time:02:36:52
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                        Target ID:42
                                                                                                                                                                                                                                        Start time:02:36:52
                                                                                                                                                                                                                                        Start date:27/04/2024
                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1996,i,6687144587041723826,9523744997039119914,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                        Imagebase:0x7ff624560000
                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                        Reset < >

                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                          Execution Coverage:9.6%
                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                          Signature Coverage:10%
                                                                                                                                                                                                                                          Total number of Nodes:1574
                                                                                                                                                                                                                                          Total number of Limit Nodes:32
                                                                                                                                                                                                                                          execution_graph 23962 59fd58 23963 59fd62 23962->23963 23966 59f9e9 23963->23966 23992 59f747 23966->23992 23968 59f9f9 23969 59fa56 23968->23969 23979 59fa7a 23968->23979 23970 59f987 DloadReleaseSectionWriteAccess 6 API calls 23969->23970 23971 59fa61 RaiseException 23970->23971 23972 59fc4f 23971->23972 23973 59fb65 23978 59fbc3 GetProcAddress 23973->23978 23986 59fc21 23973->23986 23974 59faf2 LoadLibraryExA 23975 59fb53 23974->23975 23976 59fb05 GetLastError 23974->23976 23975->23973 23980 59fb5e FreeLibrary 23975->23980 23977 59fb2e 23976->23977 23989 59fb18 23976->23989 23981 59f987 DloadReleaseSectionWriteAccess 6 API calls 23977->23981 23982 59fbd3 GetLastError 23978->23982 23978->23986 23979->23973 23979->23974 23979->23975 23979->23986 23980->23973 23984 59fb39 RaiseException 23981->23984 23987 59fbe6 23982->23987 23984->23972 23985 59f987 DloadReleaseSectionWriteAccess 6 API calls 23988 59fc07 RaiseException 23985->23988 24001 59f987 23986->24001 23987->23985 23987->23986 23990 59f747 ___delayLoadHelper2@8 6 API calls 23988->23990 23989->23975 23989->23977 23991 59fc1e 23990->23991 23991->23986 23993 59f779 23992->23993 23994 59f753 23992->23994 23993->23968 24009 59f7f0 23994->24009 23996 59f758 23997 59f774 23996->23997 24012 59f919 23996->24012 24017 59f77a GetModuleHandleW GetProcAddress GetProcAddress 23997->24017 24000 59f9c2 24000->23968 24002 59f999 24001->24002 24003 59f9bb 24001->24003 24004 59f7f0 DloadReleaseSectionWriteAccess 3 API calls 24002->24004 24003->23972 24005 59f99e 24004->24005 24006 59f9b6 24005->24006 24007 59f919 DloadProtectSection 3 API calls 24005->24007 24020 59f9bd GetModuleHandleW GetProcAddress GetProcAddress DloadReleaseSectionWriteAccess 24006->24020 24007->24006 24018 59f77a GetModuleHandleW GetProcAddress GetProcAddress 24009->24018 24011 59f7f5 24011->23996 24015 59f92e DloadProtectSection 24012->24015 24013 59f934 24013->23997 24014 59f969 VirtualProtect 24014->24013 24015->24013 24015->24014 24019 59f82f VirtualQuery GetSystemInfo 24015->24019 24017->24000 24018->24011 24019->24014 24020->24003 26043 5ac65d 6 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25983 58a850 80 API calls Concurrency::cancel_current_task 25984 59b450 GdipCloneImage GdipAlloc 26059 59e750 70 API calls 26013 5a1550 51 API calls 2 library calls 26015 59a540 CompareStringW ShowWindow SetWindowTextW GlobalAlloc WideCharToMultiByte 26016 5a0540 46 API calls __RTC_Initialize 26061 5a0747 29 API calls _abort 26018 582570 96 API calls 25312 581075 25313 5904e5 41 API calls 25312->25313 25314 58107a 25313->25314 25317 5a0372 29 API calls 25314->25317 25316 581084 25317->25316 26044 59fe61 48 API calls _unexpected 25988 59c460 99 API calls 26045 5ab660 71 API calls _free 26046 5b1a60 IsProcessorFeaturePresent 25388 5a0612 25389 5a061e __FrameHandler3::FrameUnwindToState 25388->25389 25420 5a01ac 25389->25420 25391 5a0625 25392 5a0778 25391->25392 25395 5a064f 25391->25395 25497 5a0a0a IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter _abort 25392->25497 25394 5a077f 25490 5a931a 25394->25490 25397 5a068e ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock 25395->25397 25431 5a9ebd 25395->25431 25405 5a06ef 25397->25405 25493 5a8e0c 38 API calls 2 library calls 25397->25493 25403 5a066e 25439 5a0b25 GetStartupInfoW _abort 25405->25439 25407 5a06f5 25440 5a9e0e 51 API calls 25407->25440 25410 5a06fd 25441 59f05c 25410->25441 25414 5a0711 25414->25394 25415 5a0715 25414->25415 25416 5a071e 25415->25416 25495 5a92bd 28 API calls _abort 25415->25495 25496 5a031d 12 API calls ___scrt_uninitialize_crt 25416->25496 25419 5a0726 25419->25403 25421 5a01b5 25420->25421 25499 5a0826 IsProcessorFeaturePresent 25421->25499 25423 5a01c1 25500 5a3bee 25423->25500 25425 5a01ca 25425->25391 25426 5a01c6 25426->25425 25508 5a9d47 25426->25508 25429 5a01e1 25429->25391 25432 5a9ed4 25431->25432 25433 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25432->25433 25434 5a0668 25433->25434 25434->25403 25435 5a9e61 25434->25435 25437 5a9e90 25435->25437 25436 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25438 5a9eb9 25436->25438 25437->25436 25438->25397 25439->25407 25440->25410 25606 591b83 25441->25606 25445 59f07c 25655 59bd1b 25445->25655 25447 59f085 _abort 25448 59f098 GetCommandLineW 25447->25448 25449 59f0ab 25448->25449 25450 59f13c GetModuleFileNameW SetEnvironmentVariableW GetLocalTime 25448->25450 25659 59d708 25449->25659 25452 584a20 _swprintf 51 API calls 25450->25452 25454 59f1a3 SetEnvironmentVariableW GetModuleHandleW LoadIconW 25452->25454 25670 59c8cd LoadBitmapW 25454->25670 25456 59f0b9 OpenFileMappingW 25460 59f12d CloseHandle 25456->25460 25461 59f0d1 MapViewOfFile 25456->25461 25457 59f136 25664 59ed2e 25457->25664 25460->25450 25463 59f0e2 __InternalCxxFrameHandler 25461->25463 25464 59f126 UnmapViewOfFile 25461->25464 25467 59ed2e 2 API calls 25463->25467 25464->25460 25469 59f0fe 25467->25469 25700 59069c 82 API calls 25469->25700 25470 59a0d7 27 API calls 25472 59f203 DialogBoxParamW 25470->25472 25476 59f23d 25472->25476 25473 59f112 25701 590752 82 API calls _wcslen 25473->25701 25475 59f11d 25475->25464 25477 59f24f Sleep 25476->25477 25478 59f256 25476->25478 25477->25478 25481 59f264 25478->25481 25702 59bfb3 CompareStringW SetCurrentDirectoryW _abort _wcslen 25478->25702 25480 59f283 DeleteObject 25482 59f298 DeleteObject 25480->25482 25483 59f29f 25480->25483 25481->25480 25482->25483 25484 59f2d0 25483->25484 25485 59f2e2 25483->25485 25703 59ed8b 6 API calls 25484->25703 25697 59bd81 25485->25697 25488 59f2d6 CloseHandle 25488->25485 25489 59f31c 25494 5a0b5b GetModuleHandleW 25489->25494 25833 5a9097 25490->25833 25493->25405 25494->25414 25495->25416 25496->25419 25497->25394 25499->25423 25512 5a4c97 25500->25512 25504 5a3bff 25505 5a3c0a 25504->25505 25526 5a4cd3 DeleteCriticalSection 25504->25526 25505->25426 25507 5a3bf7 25507->25426 25553 5ad21a 25508->25553 25511 5a3c0d 7 API calls 2 library calls 25511->25425 25515 5a4ca0 25512->25515 25514 5a4cc9 25532 5a4cd3 DeleteCriticalSection 25514->25532 25515->25514 25516 5a3bf3 25515->25516 25527 5a4edc 25515->25527 25516->25507 25518 5a3d1c 25516->25518 25546 5a4ded 25518->25546 25520 5a3d31 25520->25504 25523 5a3d3f 25524 5a3d4c 25523->25524 25552 5a3d4f 6 API calls ___vcrt_FlsFree 25523->25552 25524->25504 25526->25507 25533 5a4d02 25527->25533 25530 5a4f14 InitializeCriticalSectionAndSpinCount 25531 5a4eff 25530->25531 25531->25515 25532->25516 25534 5a4d1f 25533->25534 25538 5a4d23 25533->25538 25534->25530 25534->25531 25535 5a4d8b GetProcAddress 25535->25534 25537 5a4d99 25535->25537 25537->25534 25538->25534 25538->25535 25539 5a4d7c 25538->25539 25541 5a4da2 LoadLibraryExW 25538->25541 25539->25535 25540 5a4d84 FreeLibrary 25539->25540 25540->25535 25542 5a4de9 25541->25542 25543 5a4db9 GetLastError 25541->25543 25542->25538 25543->25542 25544 5a4dc4 ___vcrt_InitializeCriticalSectionEx 25543->25544 25544->25542 25545 5a4dda LoadLibraryExW 25544->25545 25545->25538 25547 5a4d02 ___vcrt_InitializeCriticalSectionEx 5 API calls 25546->25547 25548 5a4e07 25547->25548 25549 5a4e20 TlsAlloc 25548->25549 25550 5a3d26 25548->25550 25550->25520 25551 5a4e9e 6 API calls ___vcrt_InitializeCriticalSectionEx 25550->25551 25551->25523 25552->25520 25556 5ad233 25553->25556 25557 5ad237 25553->25557 25554 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25555 5a01d3 25554->25555 25555->25429 25555->25511 25556->25554 25557->25556 25559 5ab860 25557->25559 25560 5ab86c __FrameHandler3::FrameUnwindToState 25559->25560 25571 5abdf1 EnterCriticalSection 25560->25571 25562 5ab873 25572 5ad6e8 25562->25572 25564 5ab882 25565 5ab891 25564->25565 25585 5ab6e9 29 API calls 25564->25585 25587 5ab8ad LeaveCriticalSection _abort 25565->25587 25568 5ab8a2 _abort 25568->25557 25569 5ab88c 25586 5ab79f GetStdHandle GetFileType 25569->25586 25571->25562 25573 5ad6f4 __FrameHandler3::FrameUnwindToState 25572->25573 25574 5ad718 25573->25574 25575 5ad701 25573->25575 25588 5abdf1 EnterCriticalSection 25574->25588 25596 5aa7eb 20 API calls _abort 25575->25596 25578 5ad706 25597 5a51b9 26 API calls _abort 25578->25597 25580 5ad710 _abort 25580->25564 25581 5ad750 25598 5ad777 LeaveCriticalSection _abort 25581->25598 25583 5ad724 25583->25581 25589 5ad639 25583->25589 25585->25569 25586->25565 25587->25568 25588->25583 25590 5ac2f6 _abort 20 API calls 25589->25590 25592 5ad64b 25590->25592 25591 5ad658 25593 5aa66a _free 20 API calls 25591->25593 25592->25591 25599 5ac0ca 25592->25599 25595 5ad6aa 25593->25595 25595->25583 25596->25578 25597->25580 25598->25580 25600 5abe58 _abort 5 API calls 25599->25600 25601 5ac0f1 25600->25601 25602 5ac10f InitializeCriticalSectionAndSpinCount 25601->25602 25603 5ac0fa 25601->25603 25602->25603 25604 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25603->25604 25605 5ac126 25604->25605 25605->25592 25607 59ffd0 25606->25607 25608 591b8d GetModuleHandleW 25607->25608 25609 591ba8 GetProcAddress 25608->25609 25610 591c07 25608->25610 25611 591bd9 GetProcAddress 25609->25611 25612 591bc1 25609->25612 25613 591f34 GetModuleFileNameW 25610->25613 25713 5a89ee 42 API calls 2 library calls 25610->25713 25615 591beb 25611->25615 25612->25611 25622 591f52 25613->25622 25615->25610 25616 591e74 25616->25613 25617 591e7f GetModuleFileNameW CreateFileW 25616->25617 25618 591f28 CloseHandle 25617->25618 25619 591eaf SetFilePointer 25617->25619 25618->25613 25619->25618 25620 591ebd ReadFile 25619->25620 25620->25618 25624 591edb 25620->25624 25625 591fb4 GetFileAttributesW 25622->25625 25627 591f7d CompareStringW 25622->25627 25628 591fcc 25622->25628 25704 58c619 25622->25704 25707 591b3b 25622->25707 25624->25618 25626 591b3b 2 API calls 25624->25626 25625->25622 25625->25628 25626->25624 25627->25622 25629 591fd7 25628->25629 25632 59200c 25628->25632 25631 591ff0 GetFileAttributesW 25629->25631 25633 592008 25629->25633 25630 59211b 25654 59b65d GetCurrentDirectoryW 25630->25654 25631->25629 25631->25633 25632->25630 25634 58c619 GetVersionExW 25632->25634 25633->25632 25635 592026 25634->25635 25636 59202d 25635->25636 25637 592093 25635->25637 25639 591b3b 2 API calls 25636->25639 25638 584a20 _swprintf 51 API calls 25637->25638 25640 5920bb AllocConsole 25638->25640 25641 592037 25639->25641 25643 5920c8 GetCurrentProcessId AttachConsole 25640->25643 25644 592113 ExitProcess 25640->25644 25642 591b3b 2 API calls 25641->25642 25645 592041 25642->25645 25714 5a4fa3 25643->25714 25647 58f937 53 API calls 25645->25647 25649 59205c 25647->25649 25648 5920e9 GetStdHandle WriteConsoleW Sleep FreeConsole 25648->25644 25650 584a20 _swprintf 51 API calls 25649->25650 25651 59206f 25650->25651 25652 58f937 53 API calls 25651->25652 25653 59207e 25652->25653 25653->25644 25654->25445 25656 591b3b 2 API calls 25655->25656 25657 59bd2f OleInitialize 25656->25657 25658 59bd52 GdiplusStartup SHGetMalloc 25657->25658 25658->25447 25662 59d712 25659->25662 25660 59d828 25660->25456 25660->25457 25661 593307 CharUpperW 25661->25662 25662->25660 25662->25661 25716 590752 82 API calls _wcslen 25662->25716 25665 59ffd0 25664->25665 25666 59ed3b SetEnvironmentVariableW 25665->25666 25667 59ed5e 25666->25667 25668 59ed86 25667->25668 25669 59ed7a SetEnvironmentVariableW 25667->25669 25668->25450 25669->25668 25671 59c8fb GetObjectW 25670->25671 25672 59c8ee 25670->25672 25674 59c90a 25671->25674 25717 59b6d2 FindResourceW 25672->25717 25675 59b5d6 4 API calls 25674->25675 25677 59c91d 25675->25677 25678 59c960 25677->25678 25679 59c93c 25677->25679 25680 59b6d2 12 API calls 25677->25680 25689 58ed62 25678->25689 25731 59b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25679->25731 25682 59c92d 25680->25682 25682->25679 25684 59c933 DeleteObject 25682->25684 25683 59c944 25732 59b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25683->25732 25684->25679 25686 59c94d 25733 59b81c 8 API calls 25686->25733 25688 59c954 DeleteObject 25688->25678 25742 58ed87 25689->25742 25694 59a0d7 25695 59febe 27 API calls 25694->25695 25696 59a0f6 25695->25696 25696->25470 25698 59bdb0 GdiplusShutdown OleUninitialize 25697->25698 25698->25489 25700->25473 25701->25475 25702->25481 25703->25488 25705 58c669 25704->25705 25706 58c62d GetVersionExW 25704->25706 25705->25622 25706->25705 25708 59ffd0 25707->25708 25709 591b48 GetSystemDirectoryW 25708->25709 25710 591b7e 25709->25710 25711 591b60 25709->25711 25710->25622 25712 591b71 LoadLibraryW 25711->25712 25712->25710 25713->25616 25715 5a4fab 25714->25715 25715->25648 25715->25715 25716->25662 25718 59b7e3 25717->25718 25719 59b6f5 SizeofResource 25717->25719 25718->25671 25718->25674 25719->25718 25720 59b70c LoadResource 25719->25720 25720->25718 25721 59b721 LockResource 25720->25721 25721->25718 25722 59b732 GlobalAlloc 25721->25722 25722->25718 25723 59b74d GlobalLock 25722->25723 25724 59b7dc GlobalFree 25723->25724 25725 59b75c __InternalCxxFrameHandler 25723->25725 25724->25718 25726 59b7d5 GlobalUnlock 25725->25726 25734 59b636 GdipAlloc 25725->25734 25726->25724 25729 59b7aa GdipCreateHBITMAPFromBitmap 25730 59b7c0 25729->25730 25730->25726 25731->25683 25732->25686 25733->25688 25735 59b648 25734->25735 25736 59b655 25734->25736 25738 59b3c8 25735->25738 25736->25726 25736->25729 25736->25730 25739 59b3e9 GdipCreateBitmapFromStreamICM 25738->25739 25740 59b3f0 GdipCreateBitmapFromStream 25738->25740 25741 59b3f5 25739->25741 25740->25741 25741->25736 25743 58ed95 __EH_prolog 25742->25743 25744 58edc4 GetModuleFileNameW 25743->25744 25745 58edf5 25743->25745 25746 58edde 25744->25746 25788 58ab40 25745->25788 25746->25745 25748 58a801 80 API calls 25750 58ed6e 25748->25750 25749 58ee51 25799 5a7730 25749->25799 25786 58f5be GetModuleHandleW FindResourceW 25750->25786 25752 58ee25 25752->25749 25754 58f581 78 API calls 25752->25754 25766 58f06a 25752->25766 25753 58ee64 25755 5a7730 26 API calls 25753->25755 25754->25752 25763 58ee76 ___vcrt_InitializeCriticalSectionEx 25755->25763 25756 58efa5 25756->25766 25819 58b000 81 API calls 25756->25819 25758 58b110 79 API calls 25758->25763 25760 58efbf ___std_exception_copy 25761 58ae60 82 API calls 25760->25761 25760->25766 25764 58efe8 ___std_exception_copy 25761->25764 25763->25756 25763->25758 25763->25766 25813 58ae60 25763->25813 25818 58b000 81 API calls 25763->25818 25764->25766 25783 58eff3 _wcslen ___std_exception_copy ___vcrt_InitializeCriticalSectionEx 25764->25783 25820 592ed2 MultiByteToWideChar 25764->25820 25766->25748 25767 58f479 25771 58f4fe 25767->25771 25826 5aa09e 26 API calls 2 library calls 25767->25826 25769 58f48e 25827 5a8a18 26 API calls 2 library calls 25769->25827 25772 58f534 25771->25772 25778 58f581 78 API calls 25771->25778 25775 5a7730 26 API calls 25772->25775 25774 58f4e6 25828 58f59c 78 API calls 25774->25828 25777 58f54d 25775->25777 25779 5a7730 26 API calls 25777->25779 25778->25771 25779->25766 25781 5930f5 WideCharToMultiByte 25781->25783 25783->25766 25783->25767 25783->25781 25821 58f8d1 50 API calls __vsnprintf 25783->25821 25822 5a7571 26 API calls 3 library calls 25783->25822 25823 5aa09e 26 API calls 2 library calls 25783->25823 25824 5a8a18 26 API calls 2 library calls 25783->25824 25825 58f59c 78 API calls 25783->25825 25787 58ed75 25786->25787 25787->25694 25789 58ab4a 25788->25789 25790 58abab CreateFileW 25789->25790 25791 58abcc GetLastError 25790->25791 25792 58ac1b 25790->25792 25793 58cf32 GetCurrentDirectoryW 25791->25793 25795 58ac5f 25792->25795 25797 58ac45 SetFileTime 25792->25797 25794 58abec 25793->25794 25794->25792 25796 58abf0 CreateFileW GetLastError 25794->25796 25795->25752 25796->25792 25798 58ac15 25796->25798 25797->25795 25798->25792 25800 5a7769 25799->25800 25801 5a776d 25800->25801 25812 5a7795 25800->25812 25829 5aa7eb 20 API calls _abort 25801->25829 25803 5a7ab9 25806 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25803->25806 25804 5a7772 25830 5a51b9 26 API calls _abort 25804->25830 25807 5a7ac6 25806->25807 25807->25753 25808 5a777d 25809 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25808->25809 25811 5a7789 25809->25811 25811->25753 25812->25803 25831 5a7650 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25812->25831 25815 58ae6c 25813->25815 25817 58ae73 25813->25817 25814 58a9e5 GetStdHandle ReadFile GetLastError GetLastError GetFileType 25814->25817 25815->25763 25817->25814 25817->25815 25832 5877bd 77 API calls 25817->25832 25818->25763 25819->25760 25820->25783 25821->25783 25822->25783 25823->25783 25824->25783 25825->25783 25826->25769 25827->25774 25828->25771 25829->25804 25830->25808 25831->25812 25832->25817 25834 5a90a3 _unexpected 25833->25834 25835 5a90aa 25834->25835 25836 5a90bc 25834->25836 25869 5a91f1 GetModuleHandleW 25835->25869 25857 5abdf1 EnterCriticalSection 25836->25857 25839 5a90af 25839->25836 25870 5a9235 GetModuleHandleExW 25839->25870 25840 5a9161 25858 5a91a1 25840->25858 25843 5a9138 25848 5a9150 25843->25848 25852 5a9e61 _abort 5 API calls 25843->25852 25846 5a91aa 25879 5b3550 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25846->25879 25847 5a917e 25861 5a91b0 25847->25861 25853 5a9e61 _abort 5 API calls 25848->25853 25852->25848 25853->25840 25854 5a90c3 25854->25840 25854->25843 25878 5a9bb0 20 API calls _abort 25854->25878 25857->25854 25880 5abe41 LeaveCriticalSection 25858->25880 25860 5a917a 25860->25846 25860->25847 25881 5ac236 25861->25881 25864 5a91de 25867 5a9235 _abort 8 API calls 25864->25867 25865 5a91be GetPEB 25865->25864 25866 5a91ce GetCurrentProcess TerminateProcess 25865->25866 25866->25864 25868 5a91e6 ExitProcess 25867->25868 25869->25839 25871 5a925f GetProcAddress 25870->25871 25872 5a9282 25870->25872 25873 5a9274 25871->25873 25874 5a9288 FreeLibrary 25872->25874 25875 5a9291 25872->25875 25873->25872 25874->25875 25876 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25875->25876 25877 5a90bb 25876->25877 25877->25836 25878->25843 25880->25860 25882 5ac25b 25881->25882 25886 5ac251 25881->25886 25883 5abe58 _abort 5 API calls 25882->25883 25883->25886 25884 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25885 5a91ba 25884->25885 25885->25864 25885->25865 25886->25884 25989 59b410 GdipDisposeImage GdipFree 25887 5ad211 31 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 26064 59c316 GetDlgItem EnableWindow ShowWindow SendMessageW 25891 58b20a 25892 58b218 25891->25892 25893 58b21f 25891->25893 25894 58b22c GetStdHandle 25893->25894 25901 58b23b 25893->25901 25894->25901 25895 58b293 WriteFile 25895->25901 25896 58b25f 25897 58b264 WriteFile 25896->25897 25896->25901 25897->25896 25897->25901 25899 58b325 25903 587951 77 API calls 25899->25903 25901->25892 25901->25895 25901->25896 25901->25897 25901->25899 25902 58765a 78 API calls 25901->25902 25902->25901 25903->25892 26065 592f0b GetCPInfo IsDBCSLeadByte 25990 581800 86 API calls Concurrency::cancel_current_task 26048 5a0600 27 API calls 25907 59f002 25908 59f00f 25907->25908 25909 58f937 53 API calls 25908->25909 25910 59f01c 25909->25910 25911 584a20 _swprintf 51 API calls 25910->25911 25912 59f031 SetDlgItemTextW 25911->25912 25913 59c758 5 API calls 25912->25913 25914 59f04e 25913->25914 26023 5b3100 CloseHandle 25920 58213d 25921 582148 25920->25921 25923 582150 25920->25923 25926 582162 27 API calls Concurrency::cancel_current_task 25921->25926 25924 58214e 25923->25924 25925 59febe 27 API calls 25923->25925 25925->25924 25926->25924 25929 59f431 25930 59f335 25929->25930 25931 59f9e9 ___delayLoadHelper2@8 14 API calls 25930->25931 25931->25930 25992 582430 26 API calls std::bad_exception::bad_exception 26068 5a0733 20 API calls 26069 5a9330 52 API calls 3 library calls 26025 590534 FreeLibrary 25993 582037 142 API calls __EH_prolog 26051 5a962a 55 API calls _free 25947 59f32b 14 API calls ___delayLoadHelper2@8 25949 58ca2e 25950 58ca40 _abort 25949->25950 25953 5923fb 25950->25953 25956 5923bd GetCurrentProcess GetProcessAffinityMask 25953->25956 25957 58ca97 25956->25957 25994 59742e 137 API calls __InternalCxxFrameHandler 26026 586920 41 API calls __EH_prolog 25995 59d420 91 API calls _swprintf 25961 5aa620 25969 5abf6f 25961->25969 25965 5aa63c 25966 5aa649 25965->25966 25977 5aa650 11 API calls 25965->25977 25968 5aa634 25970 5abe58 _abort 5 API calls 25969->25970 25971 5abf96 25970->25971 25972 5abfae TlsAlloc 25971->25972 25973 5abf9f 25971->25973 25972->25973 25974 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25973->25974 25975 5aa62a 25974->25975 25975->25968 25976 5aa599 20 API calls 2 library calls 25975->25976 25976->25965 25977->25968 25996 581025 29 API calls 24023 59c9d0 24024 59c9da __EH_prolog 24023->24024 24194 5812f6 24024->24194 24027 59d10b 24283 59e7ee 24027->24283 24028 59ca1a 24030 59ca31 24028->24030 24032 59ca28 24028->24032 24033 59ca8b 24028->24033 24037 59ca68 24032->24037 24038 59ca2c 24032->24038 24036 59cb1e GetDlgItemTextW 24033->24036 24042 59caa1 24033->24042 24034 59d134 24040 59d13d SendDlgItemMessageW 24034->24040 24041 59d14e GetDlgItem SendMessageW 24034->24041 24035 59d126 SendMessageW 24035->24034 24036->24037 24039 59cb5b 24036->24039 24037->24030 24045 59cb4f EndDialog 24037->24045 24038->24030 24043 58f937 53 API calls 24038->24043 24046 59cb70 GetDlgItem 24039->24046 24192 59cb64 24039->24192 24040->24041 24301 59b65d GetCurrentDirectoryW 24041->24301 24047 58f937 53 API calls 24042->24047 24048 59ca4b 24043->24048 24045->24030 24050 59cb84 SendMessageW SendMessageW 24046->24050 24051 59cba7 SetFocus 24046->24051 24052 59cabe SetDlgItemTextW 24047->24052 24323 58122f SHGetMalloc 24048->24323 24049 59d17e GetDlgItem 24054 59d19b 24049->24054 24055 59d1a1 SetWindowTextW 24049->24055 24050->24051 24056 59cbb7 24051->24056 24067 59cbc3 24051->24067 24057 59cac9 24052->24057 24054->24055 24302 59bbc0 GetClassNameW 24055->24302 24058 58f937 53 API calls 24056->24058 24057->24030 24061 59cad6 GetMessageW 24057->24061 24062 59cbc1 24058->24062 24059 59d051 24063 58f937 53 API calls 24059->24063 24061->24030 24066 59caed IsDialogMessageW 24061->24066 24204 59e619 24062->24204 24069 59d061 SetDlgItemTextW 24063->24069 24066->24057 24071 59cafc TranslateMessage DispatchMessageW 24066->24071 24074 58f937 53 API calls 24067->24074 24068 59d3f8 SetDlgItemTextW 24068->24030 24073 59d075 24069->24073 24071->24057 24076 58f937 53 API calls 24073->24076 24078 59cbfa 24074->24078 24075 59cc1d 24079 59cc51 24075->24079 24324 58b4c1 24075->24324 24112 59d098 _wcslen 24076->24112 24077 59d1ec 24081 59d21c 24077->24081 24085 58f937 53 API calls 24077->24085 24082 584a20 _swprintf 51 API calls 24078->24082 24214 58b341 24079->24214 24080 59d884 97 API calls 24080->24077 24090 59d884 97 API calls 24081->24090 24146 59d2d4 24081->24146 24082->24062 24089 59d1ff SetDlgItemTextW 24085->24089 24086 59d387 24092 59d399 24086->24092 24093 59d390 EnableWindow 24086->24093 24097 58f937 53 API calls 24089->24097 24098 59d237 24090->24098 24091 59cc4b 24327 59beff CreateDirectoryW LocalFree GetCurrentProcess GetLastError 24091->24327 24100 59d3b6 24092->24100 24336 5812b3 GetDlgItem EnableWindow 24092->24336 24093->24092 24094 59d0e9 24103 58f937 53 API calls 24094->24103 24095 59cc6a GetLastError 24096 59cc75 24095->24096 24220 59bc19 SetCurrentDirectoryW 24096->24220 24101 59d213 SetDlgItemTextW 24097->24101 24104 59d249 24098->24104 24133 59d26e 24098->24133 24107 59d3dd 24100->24107 24120 59d3d5 SendMessageW 24100->24120 24101->24081 24103->24030 24334 59aef5 32 API calls 24104->24334 24105 59d2c7 24109 59d884 97 API calls 24105->24109 24107->24030 24117 58f937 53 API calls 24107->24117 24108 59cc89 24113 59cca0 24108->24113 24114 59cc92 GetLastError 24108->24114 24109->24146 24111 59d3ac 24337 5812b3 GetDlgItem EnableWindow 24111->24337 24112->24094 24119 58f937 53 API calls 24112->24119 24115 59cd17 24113->24115 24122 59cd26 24113->24122 24124 59ccb0 GetTickCount 24113->24124 24114->24113 24121 59cf52 24115->24121 24115->24122 24116 59d262 24116->24133 24125 59ca52 24117->24125 24126 59d0cc 24119->24126 24120->24107 24239 5812d1 GetDlgItem ShowWindow 24121->24239 24128 59cef7 24122->24128 24130 59ceed 24122->24130 24131 59cd3f GetModuleFileNameW 24122->24131 24123 59d365 24335 59aef5 32 API calls 24123->24335 24221 584a20 24124->24221 24125->24030 24125->24068 24134 584a20 _swprintf 51 API calls 24126->24134 24137 58f937 53 API calls 24128->24137 24130->24037 24130->24128 24328 5905ed 82 API calls 24131->24328 24133->24105 24138 59d884 97 API calls 24133->24138 24134->24094 24135 59d384 24135->24086 24144 59cf01 24137->24144 24145 59d29c 24138->24145 24139 59cf62 24240 5812d1 GetDlgItem ShowWindow 24139->24240 24140 59cccd 24224 58a8ce 24140->24224 24141 58f937 53 API calls 24141->24146 24143 59cd67 24147 584a20 _swprintf 51 API calls 24143->24147 24148 584a20 _swprintf 51 API calls 24144->24148 24145->24105 24149 59d2a5 DialogBoxParamW 24145->24149 24146->24086 24146->24123 24146->24141 24152 59cd89 CreateFileMappingW 24147->24152 24154 59cf1f 24148->24154 24149->24037 24149->24105 24150 59cf6c 24241 58f937 24150->24241 24155 59cde7 GetCommandLineW 24152->24155 24187 59ce5e __InternalCxxFrameHandler 24152->24187 24164 58f937 53 API calls 24154->24164 24160 59cdf8 24155->24160 24157 59ccf3 24161 59cd05 24157->24161 24162 59ccfa GetLastError 24157->24162 24158 59ce69 ShellExecuteExW 24185 59ce84 24158->24185 24329 59c615 SHGetMalloc 24160->24329 24232 58a801 24161->24232 24162->24161 24170 59cf39 24164->24170 24165 59cf88 SetDlgItemTextW GetDlgItem 24167 59cfbd 24165->24167 24168 59cfa5 GetWindowLongW SetWindowLongW 24165->24168 24246 59d884 24167->24246 24168->24167 24169 59ce14 24330 59c615 SHGetMalloc 24169->24330 24174 59ce20 24331 59c615 SHGetMalloc 24174->24331 24176 59cec7 24176->24130 24180 59cedd UnmapViewOfFile CloseHandle 24176->24180 24177 59d884 97 API calls 24179 59cfd9 24177->24179 24178 59ce2c 24332 59069c 82 API calls 24178->24332 24271 59eba2 24179->24271 24180->24130 24184 59ce3d MapViewOfFile 24184->24187 24185->24176 24188 59ceb3 Sleep 24185->24188 24186 59d884 97 API calls 24191 59cfff 24186->24191 24187->24158 24188->24176 24188->24185 24189 59d028 24333 5812b3 GetDlgItem EnableWindow 24189->24333 24191->24189 24193 59d884 97 API calls 24191->24193 24192->24037 24192->24059 24193->24189 24195 581358 24194->24195 24196 5812ff 24194->24196 24339 58f5e1 GetWindowLongW SetWindowLongW 24195->24339 24197 581365 24196->24197 24338 58f608 62 API calls 2 library calls 24196->24338 24197->24027 24197->24028 24197->24030 24200 581321 24200->24197 24201 581334 GetDlgItem 24200->24201 24201->24197 24202 581344 24201->24202 24202->24197 24203 58134a SetWindowTextW 24202->24203 24203->24197 24340 59c758 PeekMessageW 24204->24340 24207 59e67b SendMessageW SendMessageW 24209 59e6b7 24207->24209 24210 59e6d6 SendMessageW SendMessageW SendMessageW 24207->24210 24208 59e647 24211 59e652 ShowWindow SendMessageW SendMessageW 24208->24211 24209->24210 24212 59e709 SendMessageW 24210->24212 24213 59e72c SendMessageW 24210->24213 24211->24207 24212->24213 24213->24075 24217 58b34b 24214->24217 24215 58b3dc 24216 58b542 8 API calls 24215->24216 24218 58b405 24215->24218 24216->24218 24217->24215 24217->24218 24345 58b542 24217->24345 24218->24095 24218->24096 24220->24108 24372 5849f3 24221->24372 24225 58a8d8 24224->24225 24226 58a935 CreateFileW 24225->24226 24227 58a929 24225->24227 24226->24227 24228 58a97f 24227->24228 24229 58cf32 GetCurrentDirectoryW 24227->24229 24228->24157 24230 58a964 24229->24230 24230->24228 24231 58a968 CreateFileW 24230->24231 24231->24228 24233 58a825 24232->24233 24238 58a836 24232->24238 24234 58a838 24233->24234 24235 58a831 24233->24235 24233->24238 24464 58a880 24234->24464 24459 58a9ae 24235->24459 24238->24115 24239->24139 24240->24150 24242 58f947 24241->24242 24479 58f968 24242->24479 24245 5812d1 GetDlgItem ShowWindow 24245->24165 24247 59d88e __EH_prolog 24246->24247 24248 59cfcb 24247->24248 24502 59c504 24247->24502 24248->24177 24251 59c504 ExpandEnvironmentStringsW 24258 59d8c5 _wcslen _wcsrchr 24251->24258 24252 59dbac SetWindowTextW 24252->24258 24257 59d99a SetFileAttributesW 24259 59da54 GetFileAttributesW 24257->24259 24270 59d9b4 _abort _wcslen 24257->24270 24258->24248 24258->24251 24258->24252 24258->24257 24258->24270 24506 593316 CompareStringW 24258->24506 24507 5a521e 24258->24507 24520 59b65d GetCurrentDirectoryW 24258->24520 24522 58b9ca 6 API calls 24258->24522 24523 58b953 FindClose 24258->24523 24524 59c67e 24258->24524 24259->24258 24262 59da66 DeleteFileW 24259->24262 24262->24258 24264 59da77 24262->24264 24263 59dd76 GetDlgItem SetWindowTextW SendMessageW 24263->24270 24265 584a20 _swprintf 51 API calls 24264->24265 24267 59da97 GetFileAttributesW 24265->24267 24266 59ddb6 SendMessageW 24266->24258 24267->24264 24268 59daac MoveFileW 24267->24268 24268->24258 24269 59dac4 MoveFileExW 24268->24269 24269->24258 24270->24258 24270->24259 24270->24263 24270->24266 24521 58cdc0 51 API calls 2 library calls 24270->24521 24272 59ebac __EH_prolog 24271->24272 24542 591983 24272->24542 24274 59ebdd 24546 5864ed 24274->24546 24276 59ebfb 24550 588823 24276->24550 24280 59ec4e 24568 58890a 24280->24568 24282 59cfea 24282->24186 24284 59e7f8 24283->24284 25121 59b5d6 24284->25121 24287 59e805 GetWindow 24288 59d111 24287->24288 24289 59e825 24287->24289 24288->24034 24288->24035 24289->24288 24290 59e832 GetClassNameW 24289->24290 24292 59e8ba GetWindow 24289->24292 24293 59e856 GetWindowLongW 24289->24293 25126 593316 CompareStringW 24290->25126 24292->24288 24292->24289 24293->24292 24294 59e866 SendMessageW 24293->24294 24294->24292 24295 59e87c GetObjectW 24294->24295 25127 59b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 24295->25127 24297 59e893 25128 59b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 24297->25128 25129 59b81c 8 API calls 24297->25129 24300 59e8a4 SendMessageW DeleteObject 24300->24292 24301->24049 24303 59bbe1 24302->24303 24309 59bc06 24302->24309 25132 593316 CompareStringW 24303->25132 24305 59bc0b SHAutoComplete 24306 59bc14 24305->24306 24310 59c217 24306->24310 24307 59bbf4 24308 59bbf8 FindWindowExW 24307->24308 24307->24309 24308->24309 24309->24305 24309->24306 24311 59c221 __EH_prolog 24310->24311 24312 5813f8 43 API calls 24311->24312 24313 59c243 24312->24313 25133 582083 24313->25133 24316 59c25d 24318 581641 86 API calls 24316->24318 24317 59c26c 24319 581a7e 142 API calls 24317->24319 24321 59c268 24318->24321 24322 59c28b __InternalCxxFrameHandler ___std_exception_copy 24319->24322 24320 581641 86 API calls 24320->24321 24321->24077 24321->24080 24322->24320 24323->24125 25141 58b4d3 24324->25141 24327->24079 24328->24143 24329->24169 24330->24174 24331->24178 24332->24184 24333->24192 24334->24116 24335->24135 24336->24111 24337->24100 24338->24200 24339->24197 24341 59c7ac GetDlgItem 24340->24341 24342 59c773 GetMessageW 24340->24342 24341->24207 24341->24208 24343 59c789 IsDialogMessageW 24342->24343 24344 59c798 TranslateMessage DispatchMessageW 24342->24344 24343->24341 24343->24344 24344->24341 24346 58b54f 24345->24346 24347 58b573 24346->24347 24349 58b566 CreateDirectoryW 24346->24349 24348 58b4c1 3 API calls 24347->24348 24351 58b579 24348->24351 24349->24347 24350 58b5a6 24349->24350 24353 58b5b5 24350->24353 24362 58b8e6 24350->24362 24352 58b5b9 GetLastError 24351->24352 24358 58cf32 24351->24358 24352->24353 24353->24217 24356 58b58f 24356->24352 24357 58b593 CreateDirectoryW 24356->24357 24357->24350 24357->24352 24359 58cf3f _wcslen 24358->24359 24360 58cfe7 GetCurrentDirectoryW 24359->24360 24361 58cf68 _wcslen 24359->24361 24360->24361 24361->24356 24370 59ffd0 24362->24370 24365 58b909 24367 58cf32 GetCurrentDirectoryW 24365->24367 24366 58b936 24366->24353 24368 58b91d 24367->24368 24368->24366 24369 58b921 SetFileAttributesW 24368->24369 24369->24366 24371 58b8f3 SetFileAttributesW 24370->24371 24371->24365 24371->24366 24373 584a0a __vsnwprintf_l 24372->24373 24376 5a72e2 24373->24376 24379 5a53a5 24376->24379 24380 5a53cd 24379->24380 24381 5a53e5 24379->24381 24403 5aa7eb 20 API calls _abort 24380->24403 24381->24380 24383 5a53ed 24381->24383 24405 5a5944 24383->24405 24385 5a53d2 24404 5a51b9 26 API calls _abort 24385->24404 24388 5a53dd 24396 5a0d7c 24388->24396 24391 5a5475 24414 5a5cf4 51 API calls 3 library calls 24391->24414 24392 584a14 24392->24140 24395 5a5480 24415 5a59c7 20 API calls _free 24395->24415 24397 5a0d84 24396->24397 24398 5a0d85 IsProcessorFeaturePresent 24396->24398 24397->24392 24400 5a0dc7 24398->24400 24416 5a0d8a SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 24400->24416 24402 5a0eaa 24402->24392 24403->24385 24404->24388 24406 5a5961 24405->24406 24407 5a53fd 24405->24407 24406->24407 24417 5aa515 GetLastError 24406->24417 24413 5a590f 20 API calls 2 library calls 24407->24413 24409 5a5982 24437 5aaaf6 38 API calls __fassign 24409->24437 24411 5a599b 24438 5aab23 38 API calls __fassign 24411->24438 24413->24391 24414->24395 24415->24388 24416->24402 24418 5aa52b 24417->24418 24419 5aa531 24417->24419 24439 5ac01b 11 API calls 2 library calls 24418->24439 24422 5aa580 SetLastError 24419->24422 24440 5ac2f6 24419->24440 24422->24409 24423 5aa54b 24447 5aa66a 24423->24447 24427 5aa560 24427->24423 24429 5aa567 24427->24429 24428 5aa551 24430 5aa58c SetLastError 24428->24430 24454 5aa380 20 API calls _abort 24429->24454 24455 5aa0f4 38 API calls _abort 24430->24455 24432 5aa572 24434 5aa66a _free 20 API calls 24432->24434 24436 5aa579 24434->24436 24436->24422 24436->24430 24437->24411 24438->24407 24439->24419 24445 5ac303 _abort 24440->24445 24441 5ac343 24457 5aa7eb 20 API calls _abort 24441->24457 24442 5ac32e RtlAllocateHeap 24443 5aa543 24442->24443 24442->24445 24443->24423 24453 5ac071 11 API calls 2 library calls 24443->24453 24445->24441 24445->24442 24456 5a8e5c 7 API calls 2 library calls 24445->24456 24448 5aa675 RtlFreeHeap 24447->24448 24452 5aa69e __dosmaperr 24447->24452 24449 5aa68a 24448->24449 24448->24452 24458 5aa7eb 20 API calls _abort 24449->24458 24451 5aa690 GetLastError 24451->24452 24452->24428 24453->24427 24454->24432 24456->24445 24457->24443 24458->24451 24460 58a9e1 24459->24460 24461 58a9b7 24459->24461 24460->24238 24461->24460 24470 58b470 24461->24470 24465 58a88c 24464->24465 24466 58a8aa 24464->24466 24465->24466 24468 58a898 FindCloseChangeNotification 24465->24468 24467 58a8c9 24466->24467 24478 587685 76 API calls 24466->24478 24467->24238 24468->24466 24471 59ffd0 24470->24471 24472 58b47d DeleteFileW 24471->24472 24473 58a9df 24472->24473 24474 58b490 24472->24474 24473->24238 24475 58cf32 GetCurrentDirectoryW 24474->24475 24476 58b4a4 24475->24476 24476->24473 24477 58b4a8 DeleteFileW 24476->24477 24477->24473 24478->24467 24485 58ecd0 24479->24485 24482 58f98b LoadStringW 24483 58f965 SetDlgItemTextW 24482->24483 24484 58f9a2 LoadStringW 24482->24484 24483->24245 24484->24483 24490 58ec0c 24485->24490 24487 58eced 24488 58ed02 24487->24488 24498 58ed10 26 API calls 24487->24498 24488->24482 24488->24483 24491 58ec24 24490->24491 24497 58eca4 _strncpy 24490->24497 24492 58ec48 24491->24492 24499 5930f5 WideCharToMultiByte 24491->24499 24494 58ec79 24492->24494 24500 58f8d1 50 API calls __vsnprintf 24492->24500 24501 5a7571 26 API calls 3 library calls 24494->24501 24497->24487 24498->24488 24499->24492 24500->24494 24501->24497 24503 59c50e 24502->24503 24504 59c5e0 ExpandEnvironmentStringsW 24503->24504 24505 59c5fd 24503->24505 24504->24505 24505->24258 24506->24258 24508 5aa6a4 24507->24508 24509 5aa6bc 24508->24509 24510 5aa6b1 24508->24510 24511 5aa6c4 24509->24511 24519 5aa6cd _abort 24509->24519 24530 5aa7fe 24510->24530 24513 5aa66a _free 20 API calls 24511->24513 24516 5aa6b9 24513->24516 24514 5aa6d2 24537 5aa7eb 20 API calls _abort 24514->24537 24515 5aa6f7 RtlReAllocateHeap 24515->24516 24515->24519 24516->24258 24519->24514 24519->24515 24538 5a8e5c 7 API calls 2 library calls 24519->24538 24520->24258 24521->24270 24522->24258 24523->24258 24525 59c688 ___std_exception_copy 24524->24525 24529 59c6a7 _wcslen 24525->24529 24541 58775a 75 API calls 24525->24541 24527 59c504 ExpandEnvironmentStringsW 24527->24529 24528 59c749 24528->24258 24529->24527 24529->24528 24531 5aa83c 24530->24531 24536 5aa80c _abort 24530->24536 24540 5aa7eb 20 API calls _abort 24531->24540 24533 5aa827 RtlAllocateHeap 24534 5aa83a 24533->24534 24533->24536 24534->24516 24536->24531 24536->24533 24539 5a8e5c 7 API calls 2 library calls 24536->24539 24537->24516 24538->24519 24539->24536 24540->24534 24541->24529 24543 591990 _wcslen 24542->24543 24577 581895 24543->24577 24545 5919a8 24545->24274 24547 591983 _wcslen 24546->24547 24548 581895 78 API calls 24547->24548 24549 5919a8 24548->24549 24549->24276 24551 58882d __EH_prolog 24550->24551 24590 58e298 24551->24590 24553 588855 24596 59febe 24553->24596 24555 588899 _abort 24556 59febe 27 API calls 24555->24556 24557 5888c0 24556->24557 24609 595c64 24557->24609 24560 588a38 24561 588a42 24560->24561 24562 588ab5 24561->24562 24642 58b966 24561->24642 24565 588b1a 24562->24565 24620 5890a2 24562->24620 24564 588b5c 24564->24280 24565->24564 24648 581397 74 API calls 24565->24648 25117 58a41a 24568->25117 24570 58892b 24571 593546 86 API calls 24570->24571 24572 58893c Concurrency::cancel_current_task 24570->24572 24571->24572 24573 582111 26 API calls 24572->24573 24574 588963 24573->24574 24575 58e339 86 API calls 24574->24575 24576 58896b 24575->24576 24576->24282 24578 5818ff 24577->24578 24579 5818a7 24577->24579 24578->24545 24580 5818d0 24579->24580 24587 5876e9 76 API calls __vswprintf_c_l 24579->24587 24581 5a521e 22 API calls 24580->24581 24583 5818f0 24581->24583 24583->24578 24589 58775a 75 API calls 24583->24589 24584 5818c6 24588 58775a 75 API calls 24584->24588 24587->24584 24588->24580 24589->24578 24591 58e2a2 __EH_prolog 24590->24591 24592 59febe 27 API calls 24591->24592 24594 58e2e5 24592->24594 24593 59febe 27 API calls 24595 58e309 24593->24595 24594->24593 24595->24553 24598 59fec3 ___std_exception_copy 24596->24598 24597 59fedd 24597->24555 24598->24597 24600 59fedf 24598->24600 24617 5a8e5c 7 API calls 2 library calls 24598->24617 24601 5848f5 Concurrency::cancel_current_task 24600->24601 24603 59fee9 24600->24603 24615 5a3340 RaiseException 24601->24615 24618 5a3340 RaiseException 24603->24618 24604 584911 24606 584927 24604->24606 24616 58136b 26 API calls Concurrency::cancel_current_task 24604->24616 24606->24555 24607 5a0820 24610 595c6e __EH_prolog 24609->24610 24611 59febe 27 API calls 24610->24611 24612 595c8a 24611->24612 24613 5888f2 24612->24613 24619 592166 80 API calls 24612->24619 24613->24560 24615->24604 24616->24606 24617->24598 24618->24607 24619->24613 24621 5890ac __EH_prolog 24620->24621 24649 5813f8 24621->24649 24623 5890c8 24624 5890d9 24623->24624 24808 58b1d2 24623->24808 24628 589110 24624->24628 24659 581ad3 24624->24659 24627 58910c 24627->24628 24678 582032 24627->24678 24800 581641 24628->24800 24634 589211 24634->24628 24687 584264 24634->24687 24699 5892c6 24634->24699 24639 58b966 7 API calls 24640 589139 24639->24640 24640->24639 24641 5891b2 24640->24641 24812 58d4d2 CompareStringW _wcslen 24640->24812 24682 58924e 24641->24682 24643 58b97b 24642->24643 24644 58b9a9 24643->24644 25106 58ba94 24643->25106 24644->24561 24646 58b98b 24646->24644 24647 58b990 FindClose 24646->24647 24647->24644 24648->24564 24650 5813fd __EH_prolog 24649->24650 24651 58e298 27 API calls 24650->24651 24652 581437 24651->24652 24653 59febe 27 API calls 24652->24653 24656 5814ab 24652->24656 24654 581498 24653->24654 24654->24656 24814 58644d 24654->24814 24822 58c1f7 24656->24822 24657 581533 _abort 24657->24623 24660 581add __EH_prolog 24659->24660 24672 581b30 24660->24672 24675 581c63 24660->24675 24847 5813d9 24660->24847 24662 581c9e 24859 581397 74 API calls 24662->24859 24665 584264 115 API calls 24669 581ce9 24665->24669 24666 581cab 24666->24665 24666->24675 24667 581d31 24671 581d64 24667->24671 24667->24675 24860 581397 74 API calls 24667->24860 24669->24667 24670 584264 115 API calls 24669->24670 24670->24669 24671->24675 24677 58b110 79 API calls 24671->24677 24672->24662 24672->24666 24672->24675 24673 584264 115 API calls 24674 581db5 24673->24674 24674->24673 24674->24675 24675->24627 24677->24674 24679 582037 __EH_prolog 24678->24679 24680 582068 24679->24680 24876 581a7e 24679->24876 24680->24640 25022 58e395 24682->25022 24684 58925e 25026 592701 GetSystemTime SystemTimeToFileTime 24684->25026 24686 5891cc 24686->24634 24813 592eb4 72 API calls 24686->24813 24688 584270 24687->24688 24689 584274 24687->24689 24688->24634 24698 58b110 79 API calls 24689->24698 24690 584286 24691 5842af 24690->24691 24692 5842a1 24690->24692 25032 582eb6 115 API calls 3 library calls 24691->25032 24694 5842e1 24692->24694 25031 58395a 103 API calls 3 library calls 24692->25031 24694->24634 24696 5842ad 24696->24694 25033 582544 74 API calls 24696->25033 24698->24690 24700 5892d0 __EH_prolog 24699->24700 24703 58930e 24700->24703 24726 58973d Concurrency::cancel_current_task 24700->24726 25052 599cad 117 API calls 24700->25052 24701 58a18d 24704 58a192 24701->24704 24705 58a1c5 24701->24705 24703->24701 24707 58932f 24703->24707 24703->24726 24704->24726 25081 588675 166 API calls 24704->25081 24705->24726 25082 599cad 117 API calls 24705->25082 24707->24726 25034 5866df 24707->25034 24710 589545 24713 589669 24710->24713 24710->24726 25055 588f6b 38 API calls 24710->25055 24712 589405 24712->24710 25053 58b5d6 57 API calls 3 library calls 24712->25053 24719 58b966 7 API calls 24713->24719 24721 5896db 24713->24721 24717 5895ac 25054 5a8a18 26 API calls 2 library calls 24717->25054 24719->24721 24720 589935 25062 58e4a9 96 API calls 24720->25062 25040 5889c8 24721->25040 24724 58976c 24730 5897c5 24724->24730 25056 584727 27 API calls 2 library calls 24724->25056 24726->24634 24728 589a3a 24734 589a8c 24728->24734 24742 589a45 24728->24742 24729 589990 24729->24728 24736 5899bb 24729->24736 24730->24726 24732 5898f4 Concurrency::cancel_current_task 24730->24732 24748 5898ed 24730->24748 25057 5887fb 41 API calls 24730->25057 25058 58e4a9 96 API calls 24730->25058 25059 58237a 74 API calls 24730->25059 25060 588f28 98 API calls 24730->25060 24732->24729 25063 58851f 50 API calls 2 library calls 24732->25063 24749 589a2c 24734->24749 25066 588db3 119 API calls 24734->25066 24735 589ae8 24743 589b53 24735->24743 24788 58a14a 24735->24788 25067 58ab1c 24735->25067 24736->24735 24738 58b4c1 3 API calls 24736->24738 24736->24749 24737 58a801 80 API calls 24737->24726 24744 5899f3 24738->24744 24739 58a801 80 API calls 24739->24726 24741 589a8a 24741->24737 24742->24741 25065 588b7c 123 API calls 24742->25065 24745 58bf0a 27 API calls 24743->24745 24744->24749 25064 58a50a 97 API calls 24744->25064 24747 589ba2 24745->24747 24752 58bf0a 27 API calls 24747->24752 25061 58237a 74 API calls 24748->25061 24749->24735 24749->24741 24765 589bb8 24752->24765 24757 589b41 25071 587951 77 API calls 24757->25071 24759 589c8b 24760 589e85 24759->24760 24761 589ce7 24759->24761 24762 589eab 24760->24762 24763 589e97 24760->24763 24785 589d20 24760->24785 24764 589cff 24761->24764 24769 589da7 24761->24769 24768 594586 75 API calls 24762->24768 24766 58a475 137 API calls 24763->24766 24767 589d46 24764->24767 24773 589d0e 24764->24773 24765->24759 24770 589c62 24765->24770 24778 58aa7a 79 API calls 24765->24778 24766->24785 24767->24785 25074 58829b 111 API calls 24767->25074 24771 589ec4 24768->24771 25075 588f6b 38 API calls 24769->25075 24770->24759 25072 58ac9c 82 API calls 24770->25072 24775 59422f 137 API calls 24771->24775 25073 58237a 74 API calls 24773->25073 24775->24785 24776 589e76 24776->24634 24778->24770 24780 589dec 24781 589e08 24780->24781 24782 589e1f 24780->24782 24780->24785 25076 588037 85 API calls 24781->25076 25077 58a212 103 API calls __EH_prolog 24782->25077 24785->24776 24789 589fca 24785->24789 25078 58237a 74 API calls 24785->25078 24787 58a0d5 24787->24788 24790 58b8e6 3 API calls 24787->24790 24788->24739 24789->24787 24789->24788 24791 58a083 24789->24791 25046 58b199 SetEndOfFile 24789->25046 24794 58a130 24790->24794 25047 58b032 24791->25047 24794->24788 25079 58237a 74 API calls 24794->25079 24795 58a0ca 24797 58a880 77 API calls 24795->24797 24797->24787 24798 58a140 25080 587871 76 API calls 24798->25080 24801 581653 24800->24801 24803 581665 Concurrency::cancel_current_task 24800->24803 24801->24803 25096 5816b2 26 API calls 24801->25096 24804 582111 26 API calls 24803->24804 24805 581694 24804->24805 25097 58e339 24805->25097 24809 58b1e9 24808->24809 24810 58b1f3 24809->24810 25105 5877af 78 API calls 24809->25105 24810->24624 24812->24640 24813->24634 24815 586457 __EH_prolog 24814->24815 24828 58c9d8 GetCurrentProcess GetProcessAffinityMask 24815->24828 24817 586464 24829 5904e5 24817->24829 24819 5864bb 24833 58665c GetCurrentProcess GetProcessAffinityMask 24819->24833 24821 5864d8 24821->24656 24823 58c20d _abort 24822->24823 24835 58c0d3 24823->24835 24828->24817 24830 5904ef __EH_prolog 24829->24830 24834 584846 41 API calls 24830->24834 24832 59050b 24832->24819 24833->24821 24834->24832 24842 58c0b4 24835->24842 24837 58c148 24838 582111 24837->24838 24839 58212b 24838->24839 24840 58211c 24838->24840 24839->24657 24846 58136b 26 API calls Concurrency::cancel_current_task 24840->24846 24843 58c0bd 24842->24843 24845 58c0c2 24842->24845 24844 582111 26 API calls 24843->24844 24844->24845 24845->24837 24846->24839 24861 581822 24847->24861 24850 58b110 24851 58b122 24850->24851 24854 58b135 24850->24854 24855 58b140 24851->24855 24874 587800 77 API calls 24851->24874 24853 58b148 SetFilePointer 24853->24855 24856 58b164 GetLastError 24853->24856 24854->24853 24854->24855 24855->24672 24856->24855 24857 58b16e 24856->24857 24857->24855 24875 587800 77 API calls 24857->24875 24859->24675 24860->24671 24862 581834 24861->24862 24869 5813f2 24861->24869 24863 58185d 24862->24863 24871 5876e9 76 API calls __vswprintf_c_l 24862->24871 24865 5a521e 22 API calls 24863->24865 24867 58187a 24865->24867 24866 581853 24872 58775a 75 API calls 24866->24872 24867->24869 24873 58775a 75 API calls 24867->24873 24869->24850 24871->24866 24872->24863 24873->24869 24874->24854 24875->24855 24877 581a8a 24876->24877 24878 581a8e 24876->24878 24877->24680 24880 5819c5 24878->24880 24881 5819d7 24880->24881 24882 581a14 24880->24882 24883 584264 115 API calls 24881->24883 24888 5846ce 24882->24888 24886 5819f7 24883->24886 24886->24877 24890 5846d7 24888->24890 24889 584264 115 API calls 24889->24890 24890->24889 24892 581a35 24890->24892 24905 592128 24890->24905 24892->24886 24893 581f30 24892->24893 24894 581f3a __EH_prolog 24893->24894 24913 5842f1 24894->24913 24896 581f61 24897 581822 78 API calls 24896->24897 24898 581fe8 24896->24898 24899 581f78 24897->24899 24898->24886 24941 58190b 78 API calls 24899->24941 24901 581f90 24903 581f9c _wcslen 24901->24903 24942 592ed2 MultiByteToWideChar 24901->24942 24943 58190b 78 API calls 24903->24943 24906 59212f 24905->24906 24907 59214a 24906->24907 24911 5876e4 RaiseException _com_raise_error 24906->24911 24908 59215b SetThreadExecutionState 24907->24908 24912 5876e4 RaiseException _com_raise_error 24907->24912 24908->24890 24911->24907 24912->24908 24914 5842fb __EH_prolog 24913->24914 24915 58432d 24914->24915 24916 584311 24914->24916 24918 584588 24915->24918 24921 584359 24915->24921 24969 581397 74 API calls 24916->24969 24989 581397 74 API calls 24918->24989 24920 58431c 24920->24896 24921->24920 24944 594586 24921->24944 24923 5843da 24924 584465 24923->24924 24940 5843d1 24923->24940 24972 58e4a9 96 API calls 24923->24972 24954 58bf0a 24924->24954 24925 5843d6 24925->24923 24971 58252a 78 API calls 24925->24971 24927 5843a8 24927->24923 24927->24925 24928 5843c6 24927->24928 24970 581397 74 API calls 24928->24970 24931 584478 24934 58450e 24931->24934 24935 5844fe 24931->24935 24973 59422f 24934->24973 24958 58a475 24935->24958 24938 58450c 24938->24940 24982 58237a 74 API calls 24938->24982 24983 593546 24940->24983 24941->24901 24942->24903 24943->24898 24945 59459b 24944->24945 24947 5945a5 ___std_exception_copy 24944->24947 24990 58775a 75 API calls 24945->24990 24948 5946d5 24947->24948 24949 59462b 24947->24949 24950 59464f _abort 24947->24950 24992 5a3340 RaiseException 24948->24992 24991 5944b9 75 API calls 3 library calls 24949->24991 24950->24927 24953 594701 24955 58bf18 24954->24955 24957 58bf22 24954->24957 24956 59febe 27 API calls 24955->24956 24956->24957 24957->24931 24959 58a47f __EH_prolog 24958->24959 24993 588a1f 24959->24993 24962 5813d9 78 API calls 24963 58a492 24962->24963 24996 58e56c 24963->24996 24965 58a4a5 24966 58a4ee 24965->24966 24968 58e56c 132 API calls 24965->24968 25005 58e758 97 API calls __InternalCxxFrameHandler 24965->25005 24966->24938 24968->24965 24969->24920 24970->24940 24971->24923 24972->24924 24974 594261 24973->24974 24976 594238 24973->24976 24980 594255 24974->24980 25020 5966d4 137 API calls 2 library calls 24974->25020 24977 594257 24976->24977 24978 59424d 24976->24978 24976->24980 25019 5973ae 132 API calls 24977->25019 25006 597ddc 24978->25006 24980->24938 24982->24940 24984 593550 24983->24984 24985 593569 24984->24985 24988 59357d 24984->24988 25021 59220d 86 API calls 24985->25021 24987 593570 Concurrency::cancel_current_task 24987->24988 24989->24920 24990->24947 24991->24950 24992->24953 24994 58c619 GetVersionExW 24993->24994 24995 588a24 24994->24995 24995->24962 25003 58e582 __InternalCxxFrameHandler 24996->25003 24997 58e6f2 24998 58e726 24997->24998 24999 58e523 6 API calls 24997->24999 25000 592128 SetThreadExecutionState RaiseException 24998->25000 24999->24998 25002 58e6e9 25000->25002 25001 599cad 117 API calls 25001->25003 25002->24965 25003->24997 25003->25001 25003->25002 25004 58bff5 91 API calls 25003->25004 25004->25003 25005->24965 25007 5947ad 75 API calls 25006->25007 25014 597ded __InternalCxxFrameHandler 25007->25014 25008 58e56c 132 API calls 25008->25014 25009 5981fe 25010 5963b9 98 API calls 25009->25010 25011 59820e __InternalCxxFrameHandler 25010->25011 25011->24980 25012 5924ef 81 API calls 25012->25014 25013 595011 132 API calls 25013->25014 25014->25008 25014->25009 25014->25012 25014->25013 25015 598253 132 API calls 25014->25015 25016 5922a6 88 API calls 25014->25016 25017 594b1c 98 API calls 25014->25017 25018 5988af 137 API calls 25014->25018 25015->25014 25016->25014 25017->25014 25018->25014 25019->24980 25020->24980 25021->24987 25023 58e3a5 25022->25023 25025 58e3ac 25022->25025 25027 58aa7a 25023->25027 25025->24684 25026->24686 25028 58aa93 25027->25028 25030 58b110 79 API calls 25028->25030 25029 58aac5 25029->25025 25030->25029 25031->24696 25032->24696 25033->24694 25035 5866ef 25034->25035 25083 5865fb 25035->25083 25038 586722 25039 58675a 25038->25039 25088 58c6af CharUpperW CompareStringW _wcslen ___vcrt_InitializeCriticalSectionEx 25038->25088 25039->24712 25041 5889dd 25040->25041 25042 588a15 25041->25042 25094 587931 74 API calls 25041->25094 25042->24720 25042->24724 25042->24726 25044 588a0d 25095 581397 74 API calls 25044->25095 25046->24791 25048 58b043 25047->25048 25050 58b052 25047->25050 25049 58b049 FlushFileBuffers 25048->25049 25048->25050 25049->25050 25051 58b0cf SetFileTime 25050->25051 25051->24795 25052->24703 25053->24717 25054->24710 25055->24713 25056->24730 25057->24730 25058->24730 25059->24730 25060->24730 25061->24732 25062->24732 25063->24729 25064->24749 25065->24741 25066->24749 25068 58ab25 GetFileType 25067->25068 25069 589b2b 25067->25069 25068->25069 25069->24743 25070 58237a 74 API calls 25069->25070 25070->24757 25071->24743 25072->24759 25073->24785 25074->24785 25075->24780 25076->24785 25077->24785 25078->24789 25079->24798 25080->24788 25081->24726 25082->24726 25089 5864f8 25083->25089 25086 5864f8 2 API calls 25087 58661c 25086->25087 25087->25038 25088->25038 25090 586502 25089->25090 25091 5865ea 25090->25091 25093 58c6af CharUpperW CompareStringW _wcslen ___vcrt_InitializeCriticalSectionEx 25090->25093 25091->25086 25091->25087 25093->25090 25094->25044 25095->25042 25098 58e34a Concurrency::cancel_current_task 25097->25098 25103 58bd8e 86 API calls Concurrency::cancel_current_task 25098->25103 25100 58e37c 25104 58bd8e 86 API calls Concurrency::cancel_current_task 25100->25104 25102 58e387 25103->25100 25104->25102 25105->24810 25107 58baa1 25106->25107 25108 58baba FindFirstFileW 25107->25108 25109 58bb20 FindNextFileW 25107->25109 25111 58bac9 25108->25111 25116 58bb02 25108->25116 25110 58bb2b GetLastError 25109->25110 25109->25116 25110->25116 25112 58cf32 GetCurrentDirectoryW 25111->25112 25113 58bad9 25112->25113 25114 58badd FindFirstFileW 25113->25114 25115 58baf7 GetLastError 25113->25115 25114->25115 25114->25116 25115->25116 25116->24646 25119 58a425 25117->25119 25120 58a458 _abort 25117->25120 25118 58b470 3 API calls 25118->25119 25119->25118 25119->25120 25120->24570 25130 59b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25121->25130 25123 59b5dd 25124 59b5e9 25123->25124 25131 59b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25123->25131 25124->24287 25124->24288 25126->24289 25127->24297 25128->24297 25129->24300 25130->25123 25131->25124 25132->24307 25134 58b1d2 78 API calls 25133->25134 25135 58208f 25134->25135 25136 581ad3 115 API calls 25135->25136 25139 5820ac 25135->25139 25137 58209c 25136->25137 25137->25139 25140 581397 74 API calls 25137->25140 25139->24316 25139->24317 25140->25139 25142 59ffd0 25141->25142 25143 58b4e0 GetFileAttributesW 25142->25143 25144 58b4ca 25143->25144 25145 58b4f1 25143->25145 25144->24079 25144->24091 25146 58cf32 GetCurrentDirectoryW 25145->25146 25147 58b505 25146->25147 25147->25144 25148 58b509 GetFileAttributesW 25147->25148 25148->25144 26028 59d8d8 97 API calls 4 library calls 26072 5a4bd0 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25151 58acd4 25155 58acde 25151->25155 25152 58ae2c SetFilePointer 25153 58acf4 25152->25153 25154 58ae49 GetLastError 25152->25154 25154->25153 25155->25152 25155->25153 25156 58ae05 25155->25156 25157 58aa7a 79 API calls 25155->25157 25156->25152 25157->25156 26030 5b21d5 21 API calls 2 library calls 26073 59d8d8 102 API calls 4 library calls 26000 5ab8c0 21 API calls 26001 5a9cc0 7 API calls ___scrt_uninitialize_crt 26032 5b3dc0 VariantClear 26074 5b03c0 51 API calls 25165 5813fd 43 API calls 2 library calls 26033 59edf1 DialogBoxParamW 25168 5accf0 25169 5accf9 25168->25169 25171 5acd02 25168->25171 25172 5acbe7 25169->25172 25173 5aa515 _unexpected 38 API calls 25172->25173 25174 5acbf4 25173->25174 25192 5acd0e 25174->25192 25176 5acbfc 25201 5ac97b 25176->25201 25179 5acc13 25179->25171 25180 5aa7fe __vsnwprintf_l 21 API calls 25181 5acc24 25180->25181 25182 5acc56 25181->25182 25208 5acdb0 25181->25208 25185 5aa66a _free 20 API calls 25182->25185 25185->25179 25186 5acc51 25218 5aa7eb 20 API calls _abort 25186->25218 25188 5acc9a 25188->25182 25219 5ac851 26 API calls 25188->25219 25189 5acc6e 25189->25188 25190 5aa66a _free 20 API calls 25189->25190 25190->25188 25193 5acd1a __FrameHandler3::FrameUnwindToState 25192->25193 25194 5aa515 _unexpected 38 API calls 25193->25194 25196 5acd24 25194->25196 25197 5acda8 _abort 25196->25197 25200 5aa66a _free 20 API calls 25196->25200 25220 5aa0f4 38 API calls _abort 25196->25220 25221 5abdf1 EnterCriticalSection 25196->25221 25222 5acd9f LeaveCriticalSection _abort 25196->25222 25197->25176 25200->25196 25202 5a5944 __fassign 38 API calls 25201->25202 25203 5ac98d 25202->25203 25204 5ac9ae 25203->25204 25205 5ac99c GetOEMCP 25203->25205 25206 5ac9b3 GetACP 25204->25206 25207 5ac9c5 25204->25207 25205->25207 25206->25207 25207->25179 25207->25180 25209 5ac97b 40 API calls 25208->25209 25211 5acdcf 25209->25211 25210 5acdd6 25212 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25210->25212 25211->25210 25213 5ace20 IsValidCodePage 25211->25213 25217 5ace45 _abort 25211->25217 25214 5acc49 25212->25214 25213->25210 25215 5ace32 GetCPInfo 25213->25215 25214->25186 25214->25189 25215->25210 25215->25217 25223 5aca53 GetCPInfo 25217->25223 25218->25182 25219->25182 25221->25196 25222->25196 25224 5aca8d 25223->25224 25225 5acb37 25223->25225 25233 5adb48 25224->25233 25227 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25225->25227 25229 5acbe3 25227->25229 25229->25210 25232 5abd38 __vsnwprintf_l 43 API calls 25232->25225 25234 5a5944 __fassign 38 API calls 25233->25234 25235 5adb68 MultiByteToWideChar 25234->25235 25237 5adba6 25235->25237 25245 5adc3e 25235->25245 25239 5aa7fe __vsnwprintf_l 21 API calls 25237->25239 25242 5adbc7 _abort __vsnwprintf_l 25237->25242 25238 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25240 5acaee 25238->25240 25239->25242 25247 5abd38 25240->25247 25241 5adc38 25252 5abd83 20 API calls _free 25241->25252 25242->25241 25244 5adc0c MultiByteToWideChar 25242->25244 25244->25241 25246 5adc28 GetStringTypeW 25244->25246 25245->25238 25246->25241 25248 5a5944 __fassign 38 API calls 25247->25248 25249 5abd4b 25248->25249 25253 5abb1b 25249->25253 25252->25245 25254 5abb36 __vsnwprintf_l 25253->25254 25255 5abb5c MultiByteToWideChar 25254->25255 25256 5abd10 25255->25256 25257 5abb86 25255->25257 25258 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25256->25258 25260 5aa7fe __vsnwprintf_l 21 API calls 25257->25260 25264 5abba7 __vsnwprintf_l 25257->25264 25259 5abd23 25258->25259 25259->25232 25260->25264 25261 5abc5c 25289 5abd83 20 API calls _free 25261->25289 25262 5abbf0 MultiByteToWideChar 25262->25261 25263 5abc09 25262->25263 25280 5ac12c 25263->25280 25264->25261 25264->25262 25268 5abc6b 25270 5aa7fe __vsnwprintf_l 21 API calls 25268->25270 25273 5abc8c __vsnwprintf_l 25268->25273 25269 5abc33 25269->25261 25271 5ac12c __vsnwprintf_l 11 API calls 25269->25271 25270->25273 25271->25261 25272 5abd01 25288 5abd83 20 API calls _free 25272->25288 25273->25272 25274 5ac12c __vsnwprintf_l 11 API calls 25273->25274 25276 5abce0 25274->25276 25276->25272 25277 5abcef WideCharToMultiByte 25276->25277 25277->25272 25278 5abd2f 25277->25278 25290 5abd83 20 API calls _free 25278->25290 25291 5abe58 25280->25291 25284 5ac19c LCMapStringW 25285 5ac15c 25284->25285 25286 5a0d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25285->25286 25287 5abc20 25286->25287 25287->25261 25287->25268 25287->25269 25288->25261 25289->25256 25290->25261 25292 5abe88 25291->25292 25293 5abe84 25291->25293 25292->25285 25298 5ac1b4 10 API calls 3 library calls 25292->25298 25293->25292 25296 5abea8 25293->25296 25299 5abef4 25293->25299 25295 5abeb4 GetProcAddress 25297 5abec4 _abort 25295->25297 25296->25292 25296->25295 25297->25292 25298->25284 25300 5abf15 LoadLibraryExW 25299->25300 25301 5abf0a 25299->25301 25302 5abf4a 25300->25302 25303 5abf32 GetLastError 25300->25303 25301->25293 25302->25301 25305 5abf61 FreeLibrary 25302->25305 25303->25302 25304 5abf3d LoadLibraryExW 25303->25304 25304->25302 25305->25301 26002 5a10f0 LocalFree 26034 5ad1f0 GetProcessHeap 26054 59c2f3 78 API calls 26055 5ac66e 27 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 26036 59bde0 73 API calls 26076 5a73e0 QueryPerformanceFrequency QueryPerformanceCounter 25327 59de9d 25328 59df67 25327->25328 25335 59dec0 25327->25335 25341 59d8d8 _wcslen _wcsrchr 25328->25341 25355 59e8df 25328->25355 25329 59c504 ExpandEnvironmentStringsW 25329->25341 25331 59e54f 25333 593316 CompareStringW 25333->25335 25334 59dbac SetWindowTextW 25334->25341 25335->25328 25335->25333 25337 59c67e 76 API calls 25337->25341 25338 5a521e 22 API calls 25338->25341 25340 59d99a SetFileAttributesW 25342 59da54 GetFileAttributesW 25340->25342 25353 59d9b4 _abort _wcslen 25340->25353 25341->25329 25341->25331 25341->25334 25341->25337 25341->25338 25341->25340 25341->25353 25354 593316 CompareStringW 25341->25354 25379 59b65d GetCurrentDirectoryW 25341->25379 25381 58b9ca 6 API calls 25341->25381 25382 58b953 FindClose 25341->25382 25342->25341 25345 59da66 DeleteFileW 25342->25345 25345->25341 25347 59da77 25345->25347 25346 59dd76 GetDlgItem SetWindowTextW SendMessageW 25346->25353 25348 584a20 _swprintf 51 API calls 25347->25348 25350 59da97 GetFileAttributesW 25348->25350 25349 59ddb6 SendMessageW 25349->25341 25350->25347 25351 59daac MoveFileW 25350->25351 25351->25341 25352 59dac4 MoveFileExW 25351->25352 25352->25341 25353->25341 25353->25342 25353->25346 25353->25349 25380 58cdc0 51 API calls 2 library calls 25353->25380 25354->25341 25357 59e8e9 _abort _wcslen 25355->25357 25356 59eb37 25356->25341 25357->25356 25358 59eb10 25357->25358 25359 59e9f5 25357->25359 25383 593316 CompareStringW 25357->25383 25358->25356 25363 59eb2e ShowWindow 25358->25363 25360 58b4c1 3 API calls 25359->25360 25362 59ea0a 25360->25362 25364 59ea29 ShellExecuteExW 25362->25364 25384 58cad4 GetFullPathNameW GetFullPathNameW GetCurrentDirectoryW 25362->25384 25363->25356 25364->25356 25370 59ea3c 25364->25370 25366 59ea21 25366->25364 25367 59ea75 25385 59ed8b 6 API calls 25367->25385 25368 59eacb CloseHandle 25369 59ead9 25368->25369 25375 59eae4 25368->25375 25386 593316 CompareStringW 25369->25386 25370->25367 25370->25368 25373 59ea6b ShowWindow 25370->25373 25373->25367 25374 59ea8d 25374->25368 25376 59eaa0 GetExitCodeProcess 25374->25376 25375->25358 25376->25368 25377 59eab3 25376->25377 25377->25368 25379->25341 25380->25353 25381->25341 25382->25341 25383->25359 25384->25366 25385->25374 25386->25375 26004 59b090 28 API calls 26037 5ab590 21 API calls 2 library calls 26056 5a3a90 6 API calls 4 library calls 26077 5a0790 GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___security_init_cookie 26006 581095 44 API calls 26058 5a3e8b 38 API calls 4 library calls 26008 598880 132 API calls 26039 5a1180 RaiseException _com_raise_error _com_error::_com_error 26078 59c7b0 100 API calls 25932 5abdb0 25933 5abdbb 25932->25933 25934 5ac0ca 11 API calls 25933->25934 25935 5abde4 25933->25935 25937 5abde0 25933->25937 25934->25933 25938 5abe10 DeleteCriticalSection 25935->25938 25938->25937 26080 5a0f0f 9 API calls 2 library calls 25940 5810b5 25941 58644d 43 API calls 25940->25941 25942 5810ba 25941->25942 25945 5a0372 29 API calls 25942->25945 25944 5810c4 25945->25944 26040 59d8d8 107 API calls 4 library calls 26041 59f5af 14 API calls ___delayLoadHelper2@8 26010 59a4a0 GetClientRect 26011 5ad0a0 GetCommandLineA GetCommandLineW

                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                          Function 0059F05C Relevance: 42.2, APIs: 17, Strings: 7, Instructions: 202filesleeptimeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00591B83: GetModuleHandleW.KERNEL32(kernel32), ref: 00591B9C
                                                                                                                                                                                                                                            • Part of subcall function 00591B83: GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 00591BAE
                                                                                                                                                                                                                                            • Part of subcall function 00591B83: GetProcAddress.KERNEL32(00000000,SetDefaultDllDirectories), ref: 00591BDF
                                                                                                                                                                                                                                            • Part of subcall function 0059B65D: GetCurrentDirectoryW.KERNEL32(?,?), ref: 0059B665
                                                                                                                                                                                                                                            • Part of subcall function 0059BD1B: OleInitialize.OLE32(00000000), ref: 0059BD34
                                                                                                                                                                                                                                            • Part of subcall function 0059BD1B: GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0059BD6B
                                                                                                                                                                                                                                            • Part of subcall function 0059BD1B: SHGetMalloc.SHELL32(005CA460), ref: 0059BD75
                                                                                                                                                                                                                                          • GetCommandLineW.KERNEL32 ref: 0059F09B
                                                                                                                                                                                                                                          • OpenFileMappingW.KERNEL32(000F001F,00000000,winrarsfxmappingfile.tmp), ref: 0059F0C5
                                                                                                                                                                                                                                          • MapViewOfFile.KERNEL32(00000000,000F001F,00000000,00000000,00007402), ref: 0059F0D6
                                                                                                                                                                                                                                          • UnmapViewOfFile.KERNEL32(00000000), ref: 0059F127
                                                                                                                                                                                                                                            • Part of subcall function 0059ED2E: SetEnvironmentVariableW.KERNELBASE(sfxcmd,?), ref: 0059ED44
                                                                                                                                                                                                                                            • Part of subcall function 0059ED2E: SetEnvironmentVariableW.KERNEL32(sfxpar,-00000002,00000000,?,?,?,00001000), ref: 0059ED80
                                                                                                                                                                                                                                            • Part of subcall function 00590752: _wcslen.LIBCMT ref: 00590776
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000), ref: 0059F12E
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe,00000800), ref: 0059F148
                                                                                                                                                                                                                                          • SetEnvironmentVariableW.KERNEL32(sfxname,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe), ref: 0059F154
                                                                                                                                                                                                                                          • GetLocalTime.KERNEL32(?), ref: 0059F15F
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059F19E
                                                                                                                                                                                                                                          • SetEnvironmentVariableW.KERNEL32(sfxstime,?), ref: 0059F1B3
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(00000000), ref: 0059F1BA
                                                                                                                                                                                                                                          • LoadIconW.USER32(00000000,00000064), ref: 0059F1D1
                                                                                                                                                                                                                                          • DialogBoxParamW.USER32(00000000,STARTDLG,00000000,Function_0001C9D0,00000000), ref: 0059F222
                                                                                                                                                                                                                                          • Sleep.KERNEL32(?), ref: 0059F250
                                                                                                                                                                                                                                          • DeleteObject.GDI32 ref: 0059F289
                                                                                                                                                                                                                                          • DeleteObject.GDI32(?), ref: 0059F299
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32 ref: 0059F2DC
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: EnvironmentFileHandleVariable$Module$AddressCloseDeleteObjectProcView$CommandCurrentDialogDirectoryGdiplusIconInitializeLineLoadLocalMallocMappingNameOpenParamSleepStartupTimeUnmap_swprintf_wcslen
                                                                                                                                                                                                                                          • String ID: %4d-%02d-%02d-%02d-%02d-%02d-%03d$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe$STARTDLG$p0\$sfxname$sfxstime$winrarsfxmappingfile.tmp
                                                                                                                                                                                                                                          • API String ID: 3014515783-456623131
                                                                                                                                                                                                                                          • Opcode ID: b6e4e21a7758d9d8e6d3cda8bba4f1a3a4d904d9f18047ce578ccada1d33e9f0
                                                                                                                                                                                                                                          • Instruction ID: e0c455a27acdf7fbf9be2e96ab8445b698b1e5f9bdce9464fc76c3ca74f0d66a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b6e4e21a7758d9d8e6d3cda8bba4f1a3a4d904d9f18047ce578ccada1d33e9f0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B2612871500345AFDB20ABA5EC8DF6A3FECFBA5344F000529F585D2192DB749C48EB62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059B6D2 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 100memorywindowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 823 59b6d2-59b6ef FindResourceW 824 59b7eb 823->824 825 59b6f5-59b706 SizeofResource 823->825 826 59b7ed-59b7f1 824->826 825->824 827 59b70c-59b71b LoadResource 825->827 827->824 828 59b721-59b72c LockResource 827->828 828->824 829 59b732-59b747 GlobalAlloc 828->829 830 59b74d-59b756 GlobalLock 829->830 831 59b7e3-59b7e9 829->831 832 59b7dc-59b7dd GlobalFree 830->832 833 59b75c-59b77a call 5a2dc0 830->833 831->826 832->831 837 59b77c-59b79e call 59b636 833->837 838 59b7d5-59b7d6 GlobalUnlock 833->838 837->838 843 59b7a0-59b7a8 837->843 838->832 844 59b7aa-59b7be GdipCreateHBITMAPFromBitmap 843->844 845 59b7c3-59b7d1 843->845 844->845 846 59b7c0 844->846 845->838 846->845
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FindResourceW.KERNEL32(?,PNG,00000000,?,?,?,0059C92D,00000066), ref: 0059B6E5
                                                                                                                                                                                                                                          • SizeofResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B6FC
                                                                                                                                                                                                                                          • LoadResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B713
                                                                                                                                                                                                                                          • LockResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B722
                                                                                                                                                                                                                                          • GlobalAlloc.KERNELBASE(00000002,00000000,?,?,?,?,?,0059C92D,00000066), ref: 0059B73D
                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000,?,?,?,?,?,0059C92D,00000066), ref: 0059B74E
                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 0059B7D6
                                                                                                                                                                                                                                            • Part of subcall function 0059B636: GdipAlloc.GDIPLUS(00000010), ref: 0059B63C
                                                                                                                                                                                                                                          • GdipCreateHBITMAPFromBitmap.GDIPLUS(?,?,00FFFFFF), ref: 0059B7B7
                                                                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 0059B7DD
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: GlobalResource$AllocGdipLock$BitmapCreateFindFreeFromLoadSizeofUnlock
                                                                                                                                                                                                                                          • String ID: PNG
                                                                                                                                                                                                                                          • API String ID: 541704414-364855578
                                                                                                                                                                                                                                          • Opcode ID: 3ed4271e4d2a6d78086346f39c70f030bedc1f1d5adc78131d2c6b3440050c36
                                                                                                                                                                                                                                          • Instruction ID: 729e095b051b98a354c750ca8d6090d441aac3998a6bcc60a3b46cacf6b07c8c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3ed4271e4d2a6d78086346f39c70f030bedc1f1d5adc78131d2c6b3440050c36
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C316F71600706AFEB219F65ED88D1B7FA8FF94751B010628F905D2261EB31E848DB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058BA94 Relevance: 7.6, APIs: 5, Instructions: 105fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1023 58ba94-58bab8 call 59ffd0 1026 58baba-58bac7 FindFirstFileW 1023->1026 1027 58bb20-58bb29 FindNextFileW 1023->1027 1028 58bb3b-58bbf8 call 59192f call 58d71d call 592924 * 3 1026->1028 1030 58bac9-58badb call 58cf32 1026->1030 1027->1028 1029 58bb2b-58bb39 GetLastError 1027->1029 1035 58bbfd-58bc0a 1028->1035 1031 58bb12-58bb1b 1029->1031 1037 58badd-58baf5 FindFirstFileW 1030->1037 1038 58baf7-58bb00 GetLastError 1030->1038 1031->1035 1037->1028 1037->1038 1040 58bb10 1038->1040 1041 58bb02-58bb05 1038->1041 1040->1031 1041->1040 1043 58bb07-58bb0a 1041->1043 1043->1040 1046 58bb0c-58bb0e 1043->1046 1046->1031
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FindFirstFileW.KERNELBASE(?,?,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BABD
                                                                                                                                                                                                                                            • Part of subcall function 0058CF32: _wcslen.LIBCMT ref: 0058CF56
                                                                                                                                                                                                                                          • FindFirstFileW.KERNEL32(?,?,?,?,00000800,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BAEB
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00000800,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BAF7
                                                                                                                                                                                                                                          • FindNextFileW.KERNEL32(?,?,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BB21
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BB2D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileFind$ErrorFirstLast$Next_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 42610566-0
                                                                                                                                                                                                                                          • Opcode ID: 546a3bd62e82441c2432fb110856a9fbfbcc00d4b95f7d6d63ac2341d448a4a4
                                                                                                                                                                                                                                          • Instruction ID: 28dc5e80b77d500c9855c7a69296272dd35268245438423309f489dc5c10ff0c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 546a3bd62e82441c2432fb110856a9fbfbcc00d4b95f7d6d63ac2341d448a4a4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2E418272900519ABDB25EF64CC88AE9BBB8FB48351F100696F96DE3200D7346E94DF90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005892C6 Relevance: 4.7, APIs: 1, Strings: 1, Instructions: 1157COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 005892CB
                                                                                                                                                                                                                                            • Part of subcall function 0058D656: _wcsrchr.LIBVCRUNTIME ref: 0058D660
                                                                                                                                                                                                                                            • Part of subcall function 0058CAA0: _wcslen.LIBCMT ref: 0058CAA6
                                                                                                                                                                                                                                            • Part of subcall function 00591907: _wcslen.LIBCMT ref: 0059190D
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: _wcslen.LIBCMT ref: 0058B5E2
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: __aulldiv.LIBCMT ref: 0058B60E
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: GetCurrentProcessId.KERNEL32(00000000,?,000186A0,00000000,?,?,00000800,?), ref: 0058B615
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: _swprintf.LIBCMT ref: 0058B640
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: _wcslen.LIBCMT ref: 0058B64A
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: _swprintf.LIBCMT ref: 0058B6A0
                                                                                                                                                                                                                                            • Part of subcall function 0058B5D6: _wcslen.LIBCMT ref: 0058B6AA
                                                                                                                                                                                                                                            • Part of subcall function 00584727: __EH_prolog.LIBCMT ref: 0058472C
                                                                                                                                                                                                                                            • Part of subcall function 0058A212: __EH_prolog.LIBCMT ref: 0058A217
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B8FA
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B92B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • __tmp_reference_source_, xrefs: 00589596
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$H_prolog$AttributesFile_swprintf$CurrentProcess__aulldiv_wcsrchr
                                                                                                                                                                                                                                          • String ID: __tmp_reference_source_
                                                                                                                                                                                                                                          • API String ID: 70197177-685763994
                                                                                                                                                                                                                                          • Opcode ID: d068ef8f11792416e351aa5ef316fd4568d55be0c9c0eac9fd584f0269800999
                                                                                                                                                                                                                                          • Instruction ID: 202a9a6064c30a7299f109aa3745de1be32738919d89938fe7c37a1eddcb6bd7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d068ef8f11792416e351aa5ef316fd4568d55be0c9c0eac9fd584f0269800999
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D2A2F771904246AEEF19EF64C899BF9BFA8BF45300F0C05BAED49BB182D7315944CB61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A91B0 Relevance: 4.5, APIs: 3, Instructions: 20COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetCurrentProcess.KERNEL32(?,?,005A9186,?,005BD570,0000000C,005A92DD,?,00000002,00000000), ref: 005A91D1
                                                                                                                                                                                                                                          • TerminateProcess.KERNEL32(00000000,?,005A9186,?,005BD570,0000000C,005A92DD,?,00000002,00000000), ref: 005A91D8
                                                                                                                                                                                                                                          • ExitProcess.KERNEL32 ref: 005A91EA
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1703294689-0
                                                                                                                                                                                                                                          • Opcode ID: 0b41a4f055d79ffeb852b7f3fad2d027eac7e056f7cc456d20d75ffe4632f543
                                                                                                                                                                                                                                          • Instruction ID: a3bc99839129e971f3b32d2abcbfde94f4e85ef018194ac0aafa582d7b6ee165
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0b41a4f055d79ffeb852b7f3fad2d027eac7e056f7cc456d20d75ffe4632f543
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 78E0B63900455DABCF616F64DD0DE5D3F6AFFA1352F014114F9098A222CB35ED86DA90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00597DDC Relevance: .3, Instructions: 343COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: 1998f742e25ca73834511466a776424e145e8fd1635f1bfe68fc9f620511f114
                                                                                                                                                                                                                                          • Instruction ID: 7e19d3d405119c5233f314a233956ea0f6ad3713f757df33de74a749b89af7a7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1998f742e25ca73834511466a776424e145e8fd1635f1bfe68fc9f620511f114
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D8D193716083458FDF14DF28C84476ABFE5FF89308F08456DE8899B242D774E949CB5A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C9D0 Relevance: 104.0, APIs: 48, Strings: 11, Instructions: 734windowfilesleepCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0059C9D5
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0059CAC1
                                                                                                                                                                                                                                          • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059CADF
                                                                                                                                                                                                                                          • IsDialogMessageW.USER32(?,?), ref: 0059CAF2
                                                                                                                                                                                                                                          • TranslateMessage.USER32(?), ref: 0059CB00
                                                                                                                                                                                                                                          • DispatchMessageW.USER32(?), ref: 0059CB0A
                                                                                                                                                                                                                                          • GetDlgItemTextW.USER32(?,00000066,?,00000800), ref: 0059CB2D
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059CB50
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000068), ref: 0059CB73
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000B1,00000000,000000FF), ref: 0059CB8E
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000C2,00000000,005B45F4), ref: 0059CBA1
                                                                                                                                                                                                                                            • Part of subcall function 0059E598: _wcslen.LIBCMT ref: 0059E5C2
                                                                                                                                                                                                                                          • SetFocus.USER32(00000000), ref: 0059CBA8
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059CC07
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,00000000,00000000,00000000,?), ref: 0059CC6A
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00000000,00000000,00000000,?), ref: 0059CC92
                                                                                                                                                                                                                                          • GetTickCount.KERNEL32 ref: 0059CCB0
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059CCC8
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,00000011), ref: 0059CCFA
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,?,00000800,?,?,?,00000000,00000000,00000000,?), ref: 0059CD4D
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059CD84
                                                                                                                                                                                                                                          • CreateFileMappingW.KERNEL32(000000FF,00000000,08000004,00000000,00007402,winrarsfxmappingfile.tmp), ref: 0059CDD8
                                                                                                                                                                                                                                          • GetCommandLineW.KERNEL32 ref: 0059CDEE
                                                                                                                                                                                                                                          • MapViewOfFile.KERNEL32(00000000,00000002,00000000,00000000,00000000,005D1482,00000400,00000001,00000001), ref: 0059CE45
                                                                                                                                                                                                                                          • ShellExecuteExW.SHELL32(0000003C), ref: 0059CE6D
                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000064), ref: 0059CEB5
                                                                                                                                                                                                                                          • UnmapViewOfFile.KERNEL32(?,?,0000421C,005D1482,00000400), ref: 0059CEDE
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000), ref: 0059CEE7
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059CF1A
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0059CF79
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000065,005B45F4), ref: 0059CF90
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000065), ref: 0059CF99
                                                                                                                                                                                                                                          • GetWindowLongW.USER32(00000000,000000F0), ref: 0059CFA8
                                                                                                                                                                                                                                          • SetWindowLongW.USER32(00000000,000000F0,00000000), ref: 0059CFB7
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0059D064
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059D0BA
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059D0E4
                                                                                                                                                                                                                                          • SendMessageW.USER32(?,00000080,00000001,00010447), ref: 0059D12E
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(?,0000006C,00000172,00000000,?), ref: 0059D148
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000068), ref: 0059D151
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000435,00000000,00400000), ref: 0059D167
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000066), ref: 0059D181
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(00000000,005D389A), ref: 0059D1A3
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,0000006B,00000000), ref: 0059D203
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0059D216
                                                                                                                                                                                                                                          • DialogBoxParamW.USER32(LICENSEDLG,00000000,Function_0001C7B0,00000000,?), ref: 0059D2B9
                                                                                                                                                                                                                                          • EnableWindow.USER32(00000000,00000000), ref: 0059D393
                                                                                                                                                                                                                                          • SendMessageW.USER32(?,00000111,00000001,00000000), ref: 0059D3D5
                                                                                                                                                                                                                                            • Part of subcall function 0059D884: __EH_prolog.LIBCMT ref: 0059D889
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0059D3F9
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Item$MessageText$Send$Window_swprintf$File$DialogErrorLast$H_prologLongView_wcslen$CloseCommandCountCreateDispatchEnableExecuteFocusHandleLineMappingModuleNameParamShellSleepTickTranslateUnmap__vswprintf_c_l
                                                                                                                                                                                                                                          • String ID: %s$"%s"%s$-el -s2 "-d%s" "-sp%s"$<$@$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe$LICENSEDLG$STARTDLG$__tmp_rar_sfx_access_check_%u$lb[$winrarsfxmappingfile.tmp
                                                                                                                                                                                                                                          • API String ID: 2749746782-787870381
                                                                                                                                                                                                                                          • Opcode ID: 449edeeec764ab03868c362c45a6f2dc8b9bae721ce9d7b31ea01954781c3111
                                                                                                                                                                                                                                          • Instruction ID: def0ac1858904b1263bd66c6b5220a39c3c55d1a3b88ad060b9fccec3533a661
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 449edeeec764ab03868c362c45a6f2dc8b9bae721ce9d7b31ea01954781c3111
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4D42D271940649BAEF25AB649C8EFBA7FBCBB61704F040055F584BA0D2D7B44948EB22
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00591B83 Relevance: 100.1, APIs: 23, Strings: 34, Instructions: 316libraryfileloaderCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 273 591b83-591ba6 call 59ffd0 GetModuleHandleW 276 591ba8-591bbf GetProcAddress 273->276 277 591c07-591e68 273->277 278 591bd9-591be9 GetProcAddress 276->278 279 591bc1-591bd7 276->279 280 591e6e-591e79 call 5a89ee 277->280 281 591f34-591f60 GetModuleFileNameW call 58d6a7 call 59192f 277->281 283 591beb-591c00 278->283 284 591c05 278->284 279->278 280->281 290 591e7f-591ead GetModuleFileNameW CreateFileW 280->290 295 591f62-591f6e call 58c619 281->295 283->284 284->277 293 591f28-591f2f CloseHandle 290->293 294 591eaf-591ebb SetFilePointer 290->294 293->281 294->293 296 591ebd-591ed9 ReadFile 294->296 302 591f9d-591fc4 call 58d71d GetFileAttributesW 295->302 303 591f70-591f7b call 591b3b 295->303 296->293 299 591edb-591f00 296->299 301 591f1d-591f26 call 59169e 299->301 301->293 310 591f02-591f1c call 591b3b 301->310 313 591fce 302->313 314 591fc6-591fca 302->314 303->302 312 591f7d-591f9b CompareStringW 303->312 310->301 312->302 312->314 317 591fd0-591fd5 313->317 314->295 316 591fcc 314->316 316->317 318 59200c-59200e 317->318 319 591fd7 317->319 321 59211b-592125 318->321 322 592014-59202b call 58d6f1 call 58c619 318->322 320 591fd9-592000 call 58d71d GetFileAttributesW 319->320 327 59200a 320->327 328 592002-592006 320->328 332 59202d-59208e call 591b3b * 2 call 58f937 call 584a20 call 58f937 call 59b7f4 322->332 333 592093-5920c6 call 584a20 AllocConsole 322->333 327->318 328->320 330 592008 328->330 330->318 340 592113-592115 ExitProcess 332->340 339 5920c8-59210d GetCurrentProcessId AttachConsole call 5a4fa3 GetStdHandle WriteConsoleW Sleep FreeConsole 333->339 333->340 339->340
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(kernel32), ref: 00591B9C
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 00591BAE
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,SetDefaultDllDirectories), ref: 00591BDF
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00591E89
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00591EA3
                                                                                                                                                                                                                                          • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000), ref: 00591EB3
                                                                                                                                                                                                                                          • ReadFile.KERNEL32(00000000,?,00007FFE,$M[,00000000), ref: 00591ED1
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000), ref: 00591F29
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00591F3E
                                                                                                                                                                                                                                          • CompareStringW.KERNEL32(00000400,00001001,?,?,DXGIDebug.dll,?,$M[,?,00000000,?,00000800), ref: 00591F92
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,$M[,00000800,?,00000000,?,00000800), ref: 00591FBC
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNEL32(?,?,M[,00000800), ref: 00591FF8
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00591B56
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0059063A,Crypt32.dll,00000000,005906B4,00000200,?,00590697,00000000,00000000,?), ref: 00591B78
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059206A
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 005920B6
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • AllocConsole.KERNEL32 ref: 005920BE
                                                                                                                                                                                                                                          • GetCurrentProcessId.KERNEL32 ref: 005920C8
                                                                                                                                                                                                                                          • AttachConsole.KERNEL32(00000000), ref: 005920CF
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 005920E4
                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F4,?,00000000,?,00000000), ref: 005920F5
                                                                                                                                                                                                                                          • WriteConsoleW.KERNEL32(00000000), ref: 005920FC
                                                                                                                                                                                                                                          • Sleep.KERNEL32(00002710), ref: 00592107
                                                                                                                                                                                                                                          • FreeConsole.KERNEL32 ref: 0059210D
                                                                                                                                                                                                                                          • ExitProcess.KERNEL32 ref: 00592115
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Console$HandleModule$AddressAttributesNameProcProcess_swprintf$AllocAttachCloseCompareCreateCurrentDirectoryExitFreeLibraryLoadPointerReadSleepStringSystemWrite__vswprintf_c_l_wcslen
                                                                                                                                                                                                                                          • String ID: $M[$$P[$$Q[$(N[$(R[$,O[$4Q[$<M[$<P[$@N[$DO[$DR[$DXGIDebug.dll$LQ[$Please remove %s from %s folder. It is unsecure to run %s until it is done.$SetDefaultDllDirectories$SetDllDirectoryW$XM[$XN[$\O[$\R[$`P[$dQ[$dwmapi.dll$kernel32$pM[$pN[$tO[$uxtheme.dll$xP[$xQ[$xR[$M[$N[
                                                                                                                                                                                                                                          • API String ID: 1207345701-1078023542
                                                                                                                                                                                                                                          • Opcode ID: 42baa83bcf6a05c954a1dc4be0e4856303fc760cfa4a2db51c9380ae72e8f251
                                                                                                                                                                                                                                          • Instruction ID: 8d233ea5efbed2838e2b003b3c6c7c3a064ca28be08ec0e52d58af781b96ea15
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 42baa83bcf6a05c954a1dc4be0e4856303fc760cfa4a2db51c9380ae72e8f251
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3CD160B10087999FDB35AF50984DBDFBFE8BB84304F50091DF6859A242DBB0A548CF66
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059D884 Relevance: 47.7, APIs: 23, Strings: 4, Instructions: 428windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 352 59d884-59d89c call 59fefc call 59ffd0 357 59e552-59e55d 352->357 358 59d8a2-59d8cc call 59c504 352->358 358->357 361 59d8d2-59d8d7 358->361 362 59d8d8-59d8e6 361->362 363 59d8e7-59d8fc call 59c11c 362->363 366 59d8fe 363->366 367 59d900-59d915 call 593316 366->367 370 59d922-59d925 367->370 371 59d917-59d91b 367->371 373 59d92b 370->373 374 59e51e-59e549 call 59c504 370->374 371->367 372 59d91d 371->372 372->374 375 59dbc1-59dbc3 373->375 376 59db03-59db05 373->376 377 59d932-59d935 373->377 378 59dba4-59dba6 373->378 374->362 389 59e54f-59e551 374->389 375->374 381 59dbc9-59dbd0 375->381 376->374 382 59db0b-59db17 376->382 377->374 383 59d93b-59d995 call 59b65d call 58d200 call 58b93d call 58ba77 call 5879e5 377->383 378->374 380 59dbac-59dbbc SetWindowTextW 378->380 380->374 381->374 385 59dbd6-59dbef 381->385 386 59db19-59db2a call 5a8a79 382->386 387 59db2b-59db30 382->387 438 59dad4-59dae9 call 58b9ca 383->438 390 59dbf1 385->390 391 59dbf7-59dc05 call 5a4fa3 385->391 386->387 394 59db3a-59db45 call 59c67e 387->394 395 59db32-59db38 387->395 389->357 390->391 391->374 408 59dc0b-59dc14 391->408 399 59db4a-59db4c 394->399 395->399 401 59db4e-59db55 call 5a4fa3 399->401 402 59db57-59db77 call 5a4fa3 call 5a521e 399->402 401->402 427 59db79-59db80 402->427 428 59db90-59db92 402->428 412 59dc3d-59dc40 408->412 413 59dc16-59dc1a 408->413 415 59dd25-59dd33 call 59192f 412->415 416 59dc46-59dc49 412->416 413->416 418 59dc1c-59dc24 413->418 436 59dd35-59dd49 call 5a36be 415->436 420 59dc4b-59dc50 416->420 421 59dc56-59dc71 416->421 418->374 424 59dc2a-59dc38 call 59192f 418->424 420->415 420->421 439 59dcbb-59dcc2 421->439 440 59dc73-59dcad 421->440 424->436 433 59db82-59db84 427->433 434 59db87-59db8f call 5a8a79 427->434 428->374 435 59db98-59db99 call 5a5219 428->435 433->434 434->428 445 59db9e-59db9f 435->445 451 59dd4b-59dd4f 436->451 452 59dd56-59ddb0 call 59192f call 59c3ae GetDlgItem SetWindowTextW SendMessageW call 5a7306 436->452 457 59d99a-59d9ae SetFileAttributesW 438->457 458 59daef-59dafe call 58b953 438->458 448 59dcf0-59dd13 call 5a4fa3 * 2 439->448 449 59dcc4-59dcdc call 5a4fa3 439->449 475 59dcaf 440->475 476 59dcb1-59dcb3 440->476 445->374 448->436 480 59dd15-59dd23 call 591907 448->480 449->448 462 59dcde-59dceb call 591907 449->462 451->452 459 59dd51-59dd53 451->459 452->374 490 59ddb6-59ddca SendMessageW 452->490 463 59da54-59da64 GetFileAttributesW 457->463 464 59d9b4-59d9e7 call 58cdc0 call 58caa0 call 5a4fa3 457->464 458->374 459->452 462->448 463->438 473 59da66-59da75 DeleteFileW 463->473 495 59d9e9-59d9f8 call 5a4fa3 464->495 496 59d9fa-59da08 call 58d1c1 464->496 473->438 479 59da77-59da7a 473->479 475->476 476->439 483 59da7e-59daaa call 584a20 GetFileAttributesW 479->483 480->436 493 59da7c-59da7d 483->493 494 59daac-59dac2 MoveFileW 483->494 490->374 493->483 494->438 497 59dac4-59dace MoveFileExW 494->497 495->496 502 59da0e-59da4d call 5a4fa3 call 5a11b0 495->502 496->458 496->502 497->438 502->463
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0059D889
                                                                                                                                                                                                                                            • Part of subcall function 0059C504: ExpandEnvironmentStringsW.KERNEL32(00000000,?,00001000), ref: 0059C5EB
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059DB4F
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059DB58
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(?,?), ref: 0059DBB6
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059DBF8
                                                                                                                                                                                                                                          • _wcsrchr.LIBVCRUNTIME ref: 0059DD40
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000066), ref: 0059DD7B
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(00000000,?), ref: 0059DD8B
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000143,00000000,005D389A), ref: 0059DD99
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000143,00000000,?), ref: 0059DDC4
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$MessageSendTextWindow$EnvironmentExpandH_prologItemStrings_wcsrchr
                                                                                                                                                                                                                                          • String ID: %s.%d.tmp$<br>$ProgramFilesDir$Software\Microsoft\Windows\CurrentVersion
                                                                                                                                                                                                                                          • API String ID: 2804936435-312220925
                                                                                                                                                                                                                                          • Opcode ID: 4e30f4eb61d3e98ded07cfdc8051f505a6031f8cf4209a9978006ea380651d38
                                                                                                                                                                                                                                          • Instruction ID: fd568e5bc582eb0e531449c35f83b1c33915cf6d7d77a7c1a65d35be21733099
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4e30f4eb61d3e98ded07cfdc8051f505a6031f8cf4209a9978006ea380651d38
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FBE16472900119AADF24EBA4DD89EEE7BBCFB45310F5044A6FA45E7050EF749E84CB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058ED87 Relevance: 23.4, APIs: 4, Strings: 9, Instructions: 663COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0058ED90
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 0058EDCC
                                                                                                                                                                                                                                            • Part of subcall function 0058D6A7: _wcslen.LIBCMT ref: 0058D6AF
                                                                                                                                                                                                                                            • Part of subcall function 00591907: _wcslen.LIBCMT ref: 0059190D
                                                                                                                                                                                                                                            • Part of subcall function 00592ED2: MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,?,?,?,?,0058CF18,00000000,?,?), ref: 00592EEE
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058F109
                                                                                                                                                                                                                                          • __fprintf_l.LIBCMT ref: 0058F23C
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$ByteCharFileH_prologModuleMultiNameWide__fprintf_l
                                                                                                                                                                                                                                          • String ID: $ ,$$%s:$*messages***$*messages***$@%s:$R$RTL$a
                                                                                                                                                                                                                                          • API String ID: 566448164-801612888
                                                                                                                                                                                                                                          • Opcode ID: 5aea4613d4cf6a162d79c4415a21be760d7d0dbbfe2e2c502b660b7c23de9c30
                                                                                                                                                                                                                                          • Instruction ID: cf6f1db1966ab8b0eedc7c7244991012536a3bab8dbdadd0fadc9517b9e94ec2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5aea4613d4cf6a162d79c4415a21be760d7d0dbbfe2e2c502b660b7c23de9c30
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8532E071A00219EBCF24EF68C84AAEE7BB5FF59300F40052AFD05A7291EB719D84CB54
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059E619 Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 97windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0059C769
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059C77A
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: IsDialogMessageW.USER32(0001044A,?), ref: 0059C78E
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: TranslateMessage.USER32(?), ref: 0059C79C
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: DispatchMessageW.USER32(?), ref: 0059C7A6
                                                                                                                                                                                                                                          • GetDlgItem.USER32(00000068,005E1CF0), ref: 0059E62D
                                                                                                                                                                                                                                          • ShowWindow.USER32(00000000,00000005,?,?,00000001,?,?,0059C9A9,005B60F0,005E1CF0,005E1CF0,00001000,005C30C4,00000000,?), ref: 0059E655
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000B1,00000000,000000FF), ref: 0059E660
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000C2,00000000,005B45F4), ref: 0059E66E
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000B1,05F5E100,05F5E100), ref: 0059E684
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,0000043A,00000000,?), ref: 0059E69E
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000444,00000001,0000005C), ref: 0059E6E2
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000C2,00000000,?), ref: 0059E6F0
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000B1,05F5E100,05F5E100), ref: 0059E6FF
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000444,00000001,0000005C), ref: 0059E726
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000C2,00000000,005B549C), ref: 0059E735
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Message$Send$DialogDispatchItemPeekShowTranslateWindow
                                                                                                                                                                                                                                          • String ID: \
                                                                                                                                                                                                                                          • API String ID: 3569833718-2967466578
                                                                                                                                                                                                                                          • Opcode ID: 9f32241b776f58c8dc1d79f9c44b8449b5e5735ac57f46b636eabb4595ff47cd
                                                                                                                                                                                                                                          • Instruction ID: e7879e7762288654c91d6255e11e8c177e28463f37bed0a14f876c369c1aea9f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9f32241b776f58c8dc1d79f9c44b8449b5e5735ac57f46b636eabb4595ff47cd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5431C471145B84AFD719DF20DC8AFAB3FACFBA2708F40090CF5D19A190E7655908D7A6
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059E8DF Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 184COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 848 59e8df-59e8f7 call 59ffd0 851 59eb38-59eb40 848->851 852 59e8fd-59e909 call 5a4fa3 848->852 852->851 855 59e90f-59e937 call 5a11b0 852->855 858 59e939 855->858 859 59e941-59e94f 855->859 858->859 860 59e951-59e954 859->860 861 59e962-59e968 859->861 862 59e958-59e95e 860->862 863 59e9ab-59e9ae 861->863 865 59e960 862->865 866 59e987-59e994 862->866 863->862 864 59e9b0-59e9b6 863->864 869 59e9b8-59e9bb 864->869 870 59e9bd-59e9bf 864->870 871 59e972-59e97c 865->871 867 59e99a-59e99e 866->867 868 59eb10-59eb12 866->868 872 59e9a4-59e9a9 867->872 873 59eb16 867->873 868->873 869->870 874 59e9d2-59e9e8 call 58cd5c 869->874 870->874 875 59e9c1-59e9c8 870->875 876 59e96a-59e970 871->876 877 59e97e 871->877 872->863 881 59eb1f 873->881 884 59e9ea-59e9f7 call 593316 874->884 885 59ea01-59ea0c call 58b4c1 874->885 875->874 878 59e9ca 875->878 876->871 880 59e980-59e983 876->880 877->866 878->874 880->866 883 59eb26-59eb28 881->883 887 59eb2a-59eb2c 883->887 888 59eb37 883->888 884->885 893 59e9f9 884->893 894 59ea29-59ea36 ShellExecuteExW 885->894 895 59ea0e-59ea25 call 58cad4 885->895 887->888 891 59eb2e-59eb31 ShowWindow 887->891 888->851 891->888 893->885 894->888 897 59ea3c-59ea49 894->897 895->894 899 59ea4b-59ea52 897->899 900 59ea5c-59ea5e 897->900 899->900 901 59ea54-59ea5a 899->901 902 59ea60-59ea69 900->902 903 59ea75-59ea94 call 59ed8b 900->903 901->900 904 59eacb-59ead7 CloseHandle 901->904 902->903 912 59ea6b-59ea73 ShowWindow 902->912 903->904 917 59ea96-59ea9e 903->917 906 59ead9-59eae6 call 593316 904->906 907 59eae8-59eaf6 904->907 906->881 906->907 907->883 911 59eaf8-59eafa 907->911 911->883 913 59eafc-59eb02 911->913 912->903 913->883 916 59eb04-59eb0e 913->916 916->883 917->904 918 59eaa0-59eab1 GetExitCodeProcess 917->918 918->904 919 59eab3-59eabd 918->919 920 59eabf 919->920 921 59eac4 919->921 920->921 921->904
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059E8FE
                                                                                                                                                                                                                                          • ShellExecuteExW.SHELL32(?), ref: 0059EA2E
                                                                                                                                                                                                                                          • ShowWindow.USER32(?,00000000), ref: 0059EA6D
                                                                                                                                                                                                                                          • GetExitCodeProcess.KERNEL32(?,?), ref: 0059EAA9
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 0059EACF
                                                                                                                                                                                                                                          • ShowWindow.USER32(?,00000001), ref: 0059EB31
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ShowWindow$CloseCodeExecuteExitHandleProcessShell_wcslen
                                                                                                                                                                                                                                          • String ID: .exe$.inf$Ld[
                                                                                                                                                                                                                                          • API String ID: 36480843-663308917
                                                                                                                                                                                                                                          • Opcode ID: 6799ba6c353a3d8fa4679cf844dd822cccda6a1496dc2c1f463c70d2cad64c16
                                                                                                                                                                                                                                          • Instruction ID: cde5b4340478548c1ec34eace4c9c7237fbbbbdb1bca8ee3ed8822ca45c3291a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6799ba6c353a3d8fa4679cf844dd822cccda6a1496dc2c1f463c70d2cad64c16
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2351F4710087C09ADF30DB20984AABB7FE5BF95744F18481EF5C5972A0EB759C88DB52
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ABB1B Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 216COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 922 5abb1b-5abb34 923 5abb4a-5abb4f 922->923 924 5abb36-5abb46 call 5b010c 922->924 925 5abb5c-5abb80 MultiByteToWideChar 923->925 926 5abb51-5abb59 923->926 924->923 934 5abb48 924->934 928 5abd13-5abd26 call 5a0d7c 925->928 929 5abb86-5abb92 925->929 926->925 931 5abbe6 929->931 932 5abb94-5abba5 929->932 938 5abbe8-5abbea 931->938 935 5abba7-5abbb6 call 5b31d0 932->935 936 5abbc4-5abbd5 call 5aa7fe 932->936 934->923 941 5abd08 935->941 949 5abbbc-5abbc2 935->949 936->941 950 5abbdb 936->950 938->941 942 5abbf0-5abc03 MultiByteToWideChar 938->942 944 5abd0a-5abd11 call 5abd83 941->944 942->941 943 5abc09-5abc1b call 5ac12c 942->943 951 5abc20-5abc24 943->951 944->928 953 5abbe1-5abbe4 949->953 950->953 951->941 954 5abc2a-5abc31 951->954 953->938 955 5abc6b-5abc77 954->955 956 5abc33-5abc38 954->956 958 5abc79-5abc8a 955->958 959 5abcc3 955->959 956->944 957 5abc3e-5abc40 956->957 957->941 960 5abc46-5abc60 call 5ac12c 957->960 962 5abc8c-5abc9b call 5b31d0 958->962 963 5abca5-5abcb6 call 5aa7fe 958->963 961 5abcc5-5abcc7 959->961 960->944 975 5abc66 960->975 966 5abcc9-5abce2 call 5ac12c 961->966 967 5abd01-5abd07 call 5abd83 961->967 962->967 978 5abc9d-5abca3 962->978 963->967 974 5abcb8 963->974 966->967 980 5abce4-5abceb 966->980 967->941 979 5abcbe-5abcc1 974->979 975->941 978->979 979->961 981 5abced-5abcee 980->981 982 5abd27-5abd2d 980->982 983 5abcef-5abcff WideCharToMultiByte 981->983 982->983 983->967 984 5abd2f-5abd36 call 5abd83 983->984 984->944
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,kZ,005A6B09,?,?,?,005ABD6C,00000001,00000001,62E85006), ref: 005ABB75
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,005ABD6C,00000001,00000001,62E85006,?,?,?), ref: 005ABBFB
                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,62E85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 005ABCF5
                                                                                                                                                                                                                                          • __freea.LIBCMT ref: 005ABD02
                                                                                                                                                                                                                                            • Part of subcall function 005AA7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,005A5594,?,0000015D,?,?,?,?,005A6A70,000000FF,00000000,?,?), ref: 005AA830
                                                                                                                                                                                                                                          • __freea.LIBCMT ref: 005ABD0B
                                                                                                                                                                                                                                          • __freea.LIBCMT ref: 005ABD30
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharMultiWide__freea$AllocateHeap
                                                                                                                                                                                                                                          • String ID: kZ
                                                                                                                                                                                                                                          • API String ID: 1414292761-4247250971
                                                                                                                                                                                                                                          • Opcode ID: 92ab30ab94958d0677de70b725d22e1b15959e526a5c11f46d10978f1b977914
                                                                                                                                                                                                                                          • Instruction ID: 176ab532a230a9dc19bb05424edd7fd8ed95900b062d7bed87e82e2d520f9ede
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 92ab30ab94958d0677de70b725d22e1b15959e526a5c11f46d10978f1b977914
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E951DF72600216ABEB258F64CC85FAF7FA9FF86720F144628FC05E6152DB35EC40D6A0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059BD1B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34comCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00591B56
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0059063A,Crypt32.dll,00000000,005906B4,00000200,?,00590697,00000000,00000000,?), ref: 00591B78
                                                                                                                                                                                                                                          • OleInitialize.OLE32(00000000), ref: 0059BD34
                                                                                                                                                                                                                                          • GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0059BD6B
                                                                                                                                                                                                                                          • SHGetMalloc.SHELL32(005CA460), ref: 0059BD75
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: DirectoryGdiplusInitializeLibraryLoadMallocStartupSystem
                                                                                                                                                                                                                                          • String ID: riched20.dll$3To
                                                                                                                                                                                                                                          • API String ID: 3498096277-2168385784
                                                                                                                                                                                                                                          • Opcode ID: f767c19ec62ac226a37bf6dfd4b2a18d2e479471b2f61aafe4fe28d51f51a28d
                                                                                                                                                                                                                                          • Instruction ID: d7f290651771ffc907045c772550897bebc79831715c581a0366d95d3cbf98e7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f767c19ec62ac226a37bf6dfd4b2a18d2e479471b2f61aafe4fe28d51f51a28d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3AF04FB1C00209ABCB10AF95C8899DFFFFCEF94304F00405AF441E2200D7B456498BA1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058AB40 Relevance: 7.6, APIs: 5, Instructions: 111filetimeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 991 58ab40-58ab61 call 59ffd0 994 58ab6c 991->994 995 58ab63-58ab66 991->995 996 58ab6e-58ab7f 994->996 995->994 997 58ab68-58ab6a 995->997 998 58ab81 996->998 999 58ab87-58ab91 996->999 997->996 998->999 1000 58ab93 999->1000 1001 58ab96-58aba3 call 5879e5 999->1001 1000->1001 1004 58abab-58abca CreateFileW 1001->1004 1005 58aba5 1001->1005 1006 58ac1b-58ac1f 1004->1006 1007 58abcc-58abee GetLastError call 58cf32 1004->1007 1005->1004 1008 58ac23-58ac26 1006->1008 1010 58ac28-58ac2d 1007->1010 1016 58abf0-58ac13 CreateFileW GetLastError 1007->1016 1008->1010 1011 58ac39-58ac3e 1008->1011 1010->1011 1013 58ac2f 1010->1013 1014 58ac5f-58ac70 1011->1014 1015 58ac40-58ac43 1011->1015 1013->1011 1018 58ac8e-58ac99 1014->1018 1019 58ac72-58ac8a call 59192f 1014->1019 1015->1014 1017 58ac45-58ac59 SetFileTime 1015->1017 1016->1008 1020 58ac15-58ac19 1016->1020 1017->1014 1019->1018 1020->1008
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • CreateFileW.KERNELBASE(?,?,?,00000000,00000003,08000000,00000000,?,00000000,?,?,00588243,?,00000005,?,00000011), ref: 0058ABBF
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00588243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0058ABCC
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(00000000,?,?,00000000,00000003,08000000,00000000,?,?,00000800,?,?,00588243,?,00000005,?), ref: 0058AC02
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00588243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0058AC0A
                                                                                                                                                                                                                                          • SetFileTime.KERNEL32(00000000,00000000,000000FF,00000000,?,00588243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0058AC59
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$CreateErrorLast$Time
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1999340476-0
                                                                                                                                                                                                                                          • Opcode ID: 65faa4d1e447f67bca3e3fb1af4c06a08bfe953ee80453932a0a0e8f0629c781
                                                                                                                                                                                                                                          • Instruction ID: 438f4cb07dd84a486aa2c9b690f65bd398e0fff382633177aebed7c5a908f242
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 65faa4d1e447f67bca3e3fb1af4c06a08bfe953ee80453932a0a0e8f0629c781
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 673115305447456FF730AF24DC49B9ABFD5BB45320F200B1AF9A0A61D1D3B1A848CB96
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C758 Relevance: 7.5, APIs: 5, Instructions: 38windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1050 59c758-59c771 PeekMessageW 1051 59c7ac-59c7ae 1050->1051 1052 59c773-59c787 GetMessageW 1050->1052 1053 59c789-59c796 IsDialogMessageW 1052->1053 1054 59c798-59c7a6 TranslateMessage DispatchMessageW 1052->1054 1053->1051 1053->1054 1054->1051
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0059C769
                                                                                                                                                                                                                                          • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059C77A
                                                                                                                                                                                                                                          • IsDialogMessageW.USER32(0001044A,?), ref: 0059C78E
                                                                                                                                                                                                                                          • TranslateMessage.USER32(?), ref: 0059C79C
                                                                                                                                                                                                                                          • DispatchMessageW.USER32(?), ref: 0059C7A6
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Message$DialogDispatchPeekTranslate
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1266772231-0
                                                                                                                                                                                                                                          • Opcode ID: e0412d68dbae3c597a71758903ebc1cd77f3251358e515796934e02e254656d1
                                                                                                                                                                                                                                          • Instruction ID: 9a357e9b4dd5e0e7cc48d321fd9f38ad22e8df99a824aac4c8d9deb0675fc3a1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e0412d68dbae3c597a71758903ebc1cd77f3251358e515796934e02e254656d1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 81F03071901529AB8F249BE1DC8CDDB7FBCFE153557004024B546D6000FB64D509CBF0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059BBC0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1055 59bbc0-59bbdf GetClassNameW 1056 59bbe1-59bbf6 call 593316 1055->1056 1057 59bc07-59bc09 1055->1057 1062 59bbf8-59bc04 FindWindowExW 1056->1062 1063 59bc06 1056->1063 1059 59bc0b-59bc0e SHAutoComplete 1057->1059 1060 59bc14-59bc16 1057->1060 1059->1060 1062->1063 1063->1057
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetClassNameW.USER32(?,?,00000050), ref: 0059BBD7
                                                                                                                                                                                                                                          • SHAutoComplete.SHLWAPI(?,00000010), ref: 0059BC0E
                                                                                                                                                                                                                                            • Part of subcall function 00593316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0058D523,00000000,.exe,?,?,00000800,?,?,?,00599E5C), ref: 0059332C
                                                                                                                                                                                                                                          • FindWindowExW.USER32(?,00000000,EDIT,00000000), ref: 0059BBFE
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AutoClassCompareCompleteFindNameStringWindow
                                                                                                                                                                                                                                          • String ID: EDIT
                                                                                                                                                                                                                                          • API String ID: 4243998846-3080729518
                                                                                                                                                                                                                                          • Opcode ID: 44c07b4be9fbc05519269df51b3ebcd459fb1c675df710223caa0469063bf840
                                                                                                                                                                                                                                          • Instruction ID: 24dfe2cca9fdf0212bff24ecf6ab41a32756a036484354d17bf1eac4d9c308d6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 44c07b4be9fbc05519269df51b3ebcd459fb1c675df710223caa0469063bf840
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B9F08232A01629BAEF245A659D09F9F7A6CBB56B40F440025FA40B6180EB60EE05C9F5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059ED2E Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 31COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1064 59ed2e-59ed59 call 59ffd0 SetEnvironmentVariableW call 59169e 1068 59ed5e-59ed62 1064->1068 1069 59ed64-59ed68 1068->1069 1070 59ed86-59ed88 1068->1070 1071 59ed71-59ed78 call 5917ba 1069->1071 1074 59ed6a-59ed70 1071->1074 1075 59ed7a-59ed80 SetEnvironmentVariableW 1071->1075 1074->1071 1075->1070
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetEnvironmentVariableW.KERNELBASE(sfxcmd,?), ref: 0059ED44
                                                                                                                                                                                                                                          • SetEnvironmentVariableW.KERNEL32(sfxpar,-00000002,00000000,?,?,?,00001000), ref: 0059ED80
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: EnvironmentVariable
                                                                                                                                                                                                                                          • String ID: sfxcmd$sfxpar
                                                                                                                                                                                                                                          • API String ID: 1431749950-3493335439
                                                                                                                                                                                                                                          • Opcode ID: 9c046dccab2b973b7178bd554454157b6e3426784c8edf848f442504274814f0
                                                                                                                                                                                                                                          • Instruction ID: ce666ef4856aee13455ec330e75288ef7bc651c6fa5f5b9df8ab28f67e7663b1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9c046dccab2b973b7178bd554454157b6e3426784c8edf848f442504274814f0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2BF030B2901736A6DF316B94CC0AAEA7E58BF66B41B040155FD85A6046E6749880DBA0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A4DA2 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1076 5a4da2-5a4db7 LoadLibraryExW 1077 5a4deb-5a4dec 1076->1077 1078 5a4db9-5a4dc2 GetLastError 1076->1078 1079 5a4de9 1078->1079 1080 5a4dc4-5a4dd8 call 5a7468 1078->1080 1079->1077 1080->1079 1083 5a4dda-5a4de8 LoadLibraryExW 1080->1083
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNELBASE(00000011,00000000,00000800,?,005A4D53,00000000,00000001,005E40C4,?,?,?,005A4EF6,00000004,InitializeCriticalSectionEx,005B7424,InitializeCriticalSectionEx), ref: 005A4DAF
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,005A4D53,00000000,00000001,005E40C4,?,?,?,005A4EF6,00000004,InitializeCriticalSectionEx,005B7424,InitializeCriticalSectionEx,00000000,?,005A4CAD), ref: 005A4DB9
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNEL32(00000011,00000000,00000000,?,00000011,005A3BF3), ref: 005A4DE1
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                                                          • String ID: api-ms-
                                                                                                                                                                                                                                          • API String ID: 3177248105-2084034818
                                                                                                                                                                                                                                          • Opcode ID: 32796ce7d1499b53792102e30e874e6e97e2d99574a0e2541e15afb5e785d61d
                                                                                                                                                                                                                                          • Instruction ID: fc3c2c2d18be4ceba058cbb1893ca643e5a361e3f6a483608bab6f93e73b6af2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 32796ce7d1499b53792102e30e874e6e97e2d99574a0e2541e15afb5e785d61d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DBE04F38284308B7EF202BA1EC0BB6D3F98BB51B51F104120FA0DA81E1E7B1B954AD84
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058A9E5 Relevance: 6.1, APIs: 4, Instructions: 56fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 1084 58a9e5-58a9f1 1085 58a9fe-58aa15 ReadFile 1084->1085 1086 58a9f3-58a9fb GetStdHandle 1084->1086 1087 58aa71 1085->1087 1088 58aa17-58aa20 call 58ab1c 1085->1088 1086->1085 1089 58aa74-58aa77 1087->1089 1092 58aa39-58aa3d 1088->1092 1093 58aa22-58aa2a 1088->1093 1095 58aa4e-58aa52 1092->1095 1096 58aa3f-58aa48 GetLastError 1092->1096 1093->1092 1094 58aa2c 1093->1094 1097 58aa2d-58aa37 call 58a9e5 1094->1097 1099 58aa6c-58aa6f 1095->1099 1100 58aa54-58aa5c 1095->1100 1096->1095 1098 58aa4a-58aa4c 1096->1098 1097->1089 1098->1089 1099->1089 1100->1099 1102 58aa5e-58aa67 GetLastError 1100->1102 1102->1099 1104 58aa69-58aa6a 1102->1104 1104->1097
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F6), ref: 0058A9F5
                                                                                                                                                                                                                                          • ReadFile.KERNELBASE(?,?,?,?,00000000), ref: 0058AA0D
                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 0058AA3F
                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 0058AA5E
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorLast$FileHandleRead
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2244327787-0
                                                                                                                                                                                                                                          • Opcode ID: 544af456d3525be2b78a5a24f56ea59250b33212c5b8419a55e310012b671203
                                                                                                                                                                                                                                          • Instruction ID: 06644bc76dabd2f9e257aef226dcb7e4c582eab7ef0a6cb7e7d417df73e7b633
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 544af456d3525be2b78a5a24f56ea59250b33212c5b8419a55e310012b671203
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F711CE30500208EBEB34BF60DE0867A3FA9BB51320F104627FD52A5990D774DE84DB52
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ABEF4 Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNELBASE(00000000,00000000,00000800,005A53FD,00000000,00000000,?,005ABE9B,005A53FD,00000000,00000000,00000000,?,005AC098,00000006,FlsSetValue), ref: 005ABF26
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,005ABE9B,005A53FD,00000000,00000000,00000000,?,005AC098,00000006,FlsSetValue,005B8A00,FlsSetValue,00000000,00000364,?,005AA5E7), ref: 005ABF32
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,005ABE9B,005A53FD,00000000,00000000,00000000,?,005AC098,00000006,FlsSetValue,005B8A00,FlsSetValue,00000000), ref: 005ABF40
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3177248105-0
                                                                                                                                                                                                                                          • Opcode ID: ff103ea174696b86c1a1636be0886b8bbd7948b1280553bce9780c9cb4dbd0e4
                                                                                                                                                                                                                                          • Instruction ID: c07d06fa17a2496baa6ca0db2dc4b2709ef71bba1ad86fc035586b2db634c16d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ff103ea174696b86c1a1636be0886b8bbd7948b1280553bce9780c9cb4dbd0e4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D701D0366153279FDB314B78AC44A6F7F98BF16761B190720F916D7252D720E804DED0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C67E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen
                                                                                                                                                                                                                                          • String ID: }
                                                                                                                                                                                                                                          • API String ID: 176396367-4239843852
                                                                                                                                                                                                                                          • Opcode ID: 3aca6dc91d928c1c6377a1af49b049b2949f525bd6d4a8658cb23bc81b175b93
                                                                                                                                                                                                                                          • Instruction ID: 927bfa1cf7a590bc3d5c64d90285ec62bd065b7628bef7a21275343a1c65c60e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3aca6dc91d928c1c6377a1af49b049b2949f525bd6d4a8658cb23bc81b175b93
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F521A13290830A5ADB21EBA4D949A6BBFECFF85750F14042EF640C2141EB61ED4887A2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059233E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49threadCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • CreateThread.KERNELBASE(00000000,00010000,Function_00012480,?,00000000,00000000), ref: 00592362
                                                                                                                                                                                                                                          • SetThreadPriority.KERNEL32(?,00000000), ref: 005923A9
                                                                                                                                                                                                                                            • Part of subcall function 005876E9: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00587707
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Thread$CreatePriority__vswprintf_c_l
                                                                                                                                                                                                                                          • String ID: CreateThread failed
                                                                                                                                                                                                                                          • API String ID: 2655393344-3849766595
                                                                                                                                                                                                                                          • Opcode ID: 017dd2869767cb22784a3baa1e10a546054b6510f775aa13f16e9c7df3682079
                                                                                                                                                                                                                                          • Instruction ID: 7bc5102192acdc9fb94fa2376c22fb379c6b0ee26891e3f7585fbd1f841eb5c1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 017dd2869767cb22784a3baa1e10a546054b6510f775aa13f16e9c7df3682079
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EA012BB630470A7FDB207F94AC49F667FD8FB54311F20052DFA82A61D1DAA1A8408721
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B20A Relevance: 4.6, APIs: 3, Instructions: 111fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F5,?,?,?,?,0058E79B,00000001,?,?,?,00000000,005966C2,?,?,?), ref: 0058B22E
                                                                                                                                                                                                                                          • WriteFile.KERNEL32(?,?,00000000,?,00000000,?,?,00000000,005966C2,?,?,?,?,?,00596184,?), ref: 0058B275
                                                                                                                                                                                                                                          • WriteFile.KERNELBASE(0000001D,?,?,?,00000000,?,00000001,?,?,?,?,0058E79B,00000001,?,?), ref: 0058B2A1
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileWrite$Handle
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 4209713984-0
                                                                                                                                                                                                                                          • Opcode ID: 488a8a343a3865659e746e6ee1b3512d6d30be3119216f1d5f88c07914ea2dc0
                                                                                                                                                                                                                                          • Instruction ID: 0338fa4041c17e68d1ec8c432916f90c35e8a9287a03847602b0fd3e3581f5bf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 488a8a343a3865659e746e6ee1b3512d6d30be3119216f1d5f88c07914ea2dc0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7F31A235148306AFEB14EF14D818B6F7BA9FB94715F044A1DF98277290CB74A948CBA2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B542 Relevance: 4.6, APIs: 3, Instructions: 55COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 0058D68B: _wcslen.LIBCMT ref: 0058D691
                                                                                                                                                                                                                                          • CreateDirectoryW.KERNELBASE(?,00000000,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B569
                                                                                                                                                                                                                                          • CreateDirectoryW.KERNEL32(?,00000000,?,?,00000800,?,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B59C
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B5B9
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CreateDirectory$ErrorLast_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2260680371-0
                                                                                                                                                                                                                                          • Opcode ID: 9575a7a7f6eccc6b49fea5035486e4a83f7d562a364e65e91c0c3e2d3d21a71b
                                                                                                                                                                                                                                          • Instruction ID: 33b92733eff9feddbd7000a4e2d4e80089b864b297a1f363a2021540c81443b0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9575a7a7f6eccc6b49fea5035486e4a83f7d562a364e65e91c0c3e2d3d21a71b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 510192712042146AFF217B715C49BBE3A5CBF06780F044414FD02F6091EB649A4197A5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ACA53 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 132COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetCPInfo.KERNEL32(5EFC4D8B,?,00000005,?,00000000), ref: 005ACA78
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Info
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1807457897-3916222277
                                                                                                                                                                                                                                          • Opcode ID: 2b09d4f8ce84723d90505966ec83a26b31b6130a41752920d875e307a8fedc1b
                                                                                                                                                                                                                                          • Instruction ID: efd865ef0d2a044e08cb01d0964e47466aedbff6059da8e885a64b8c5e09470e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b09d4f8ce84723d90505966ec83a26b31b6130a41752920d875e307a8fedc1b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4741087150424C9EDF22CE648C85AFEBFB9FB46304F5408EDE58A86142D236AE459F60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059EBA2 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 53COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0059EBA7
                                                                                                                                                                                                                                            • Part of subcall function 00591983: _wcslen.LIBCMT ref: 00591999
                                                                                                                                                                                                                                            • Part of subcall function 00588823: __EH_prolog.LIBCMT ref: 00588828
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe, xrefs: 0059EBE0
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog$_wcslen
                                                                                                                                                                                                                                          • String ID: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                          • API String ID: 2838827086-1264874625
                                                                                                                                                                                                                                          • Opcode ID: 4b5bfe3c625cce7e86031b285b8e01f706526f91295e4f4da923b8a065b76ced
                                                                                                                                                                                                                                          • Instruction ID: c29a18726c031e54439fc14a1d36d787fa165fa0c7ff366dc6c0dd499da3efba
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4b5bfe3c625cce7e86031b285b8e01f706526f91295e4f4da923b8a065b76ced
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7C113D315052869EDB25FB68AC1ABDC3FB4F765310F00405FF44496293DFB11648EB22
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AC12C Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LCMapStringW.KERNEL32(00000000,?,00000000,?,?,?,?,?,?,?,?,?,62E85006,00000001,?,000000FF), ref: 005AC19D
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: String
                                                                                                                                                                                                                                          • String ID: LCMapStringEx
                                                                                                                                                                                                                                          • API String ID: 2568140703-3893581201
                                                                                                                                                                                                                                          • Opcode ID: 9f968d0bbf5c8b5ce6129e6ae8644545c853e9ecb211d5982f0a44e9b73a4c07
                                                                                                                                                                                                                                          • Instruction ID: 7dc1822b2862afa06b21a306adaf0b5ac4839e2e793e7728a9470a72b855fe4e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9f968d0bbf5c8b5ce6129e6ae8644545c853e9ecb211d5982f0a44e9b73a4c07
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EC011332600209BBCF129F90DC06DEE7FA6FB49760F005115FE0425161CB329971EB80
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AC0CA Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • InitializeCriticalSectionAndSpinCount.KERNEL32(?,?,005AB72F), ref: 005AC115
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CountCriticalInitializeSectionSpin
                                                                                                                                                                                                                                          • String ID: InitializeCriticalSectionEx
                                                                                                                                                                                                                                          • API String ID: 2593887523-3084827643
                                                                                                                                                                                                                                          • Opcode ID: 9b0c4790695b898c544810b85a557e00ae953ef0fc10fee1ecf34b45cdb7a4e3
                                                                                                                                                                                                                                          • Instruction ID: ed41255b0791ebee28074e3823d8f56f16b57de3950bcba0eb1fa5e0b96d526d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9b0c4790695b898c544810b85a557e00ae953ef0fc10fee1ecf34b45cdb7a4e3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 69F0BE31A41218BBCF119F54CC06CAEBFA5FB697A0B005119FC092A261CB316E11EBC0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ABF6F Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 30memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Alloc
                                                                                                                                                                                                                                          • String ID: FlsAlloc
                                                                                                                                                                                                                                          • API String ID: 2773662609-671089009
                                                                                                                                                                                                                                          • Opcode ID: c665ebdd24158869c8086f1c98e4a5fc51cbc31d99bbb0bdf618d53eac75bd96
                                                                                                                                                                                                                                          • Instruction ID: f09b4d0a58787883723568c8789ed550feb0ece101391ece81b12283d520cfd4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c665ebdd24158869c8086f1c98e4a5fc51cbc31d99bbb0bdf618d53eac75bd96
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24E0EC3164021C7F9A155B549C069BEBF98EB55710F011159F80556291CF713D01EAC9
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059FD58 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059FD6A
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID: 3To
                                                                                                                                                                                                                                          • API String ID: 1269201914-245939750
                                                                                                                                                                                                                                          • Opcode ID: d737555811cfb944faf76d29b23653a9112f95160a33cd0a748be6eddea1b85a
                                                                                                                                                                                                                                          • Instruction ID: 4b6c9e4d5c5b76507baddc190510cceabd5fe53e35efc9ae86e9ebc3673a63b2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d737555811cfb944faf76d29b23653a9112f95160a33cd0a748be6eddea1b85a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3BB012952686017D3B0852152C0BE3A0E1CF4C0F21330893AF441C0040B4401C440131
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ACDB0 Relevance: 3.2, APIs: 2, Instructions: 168COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005AC97B: GetOEMCP.KERNEL32(00000000,?,?,005ACC04,?), ref: 005AC9A6
                                                                                                                                                                                                                                          • IsValidCodePage.KERNEL32(-00000030,00000000,?,?,?,?,005ACC49,?,00000000), ref: 005ACE24
                                                                                                                                                                                                                                          • GetCPInfo.KERNEL32(00000000,005ACC49,?,?,?,005ACC49,?,00000000), ref: 005ACE37
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CodeInfoPageValid
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 546120528-0
                                                                                                                                                                                                                                          • Opcode ID: 3db810a655b40dfed2ba1db507c80c234cef561c8f2a01b13b1f9b114f96120c
                                                                                                                                                                                                                                          • Instruction ID: fb49fbefce7f83e63f9861c350b3d5f1ccea3d4cb30a3a64d8bee846ae023e68
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3db810a655b40dfed2ba1db507c80c234cef561c8f2a01b13b1f9b114f96120c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 745112719042469EDB22CF75C8856BFBFE9BF83300F14846ED0968B252E735A946DB90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058ACD4 Relevance: 3.1, APIs: 2, Instructions: 134COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetFilePointer.KERNELBASE(000000FF,?,?,?,-000018C0,00000000,00000800,?,0058ACB0,?,?,00000000,?,?,00589C8B,?), ref: 0058AE3A
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00589C8B,?,?,?,-000018C0,?,-00002908,00000000,-00000880,?,00000000,?,?,00000000), ref: 0058AE49
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2976181284-0
                                                                                                                                                                                                                                          • Opcode ID: d83dec300345e8eaa6842292da964bbfa88a8104390b8dd46d4b42ee277eb5d6
                                                                                                                                                                                                                                          • Instruction ID: 133440f1398206db959c8c8fc3334a8dd6481b1fd767e1af5df6324f6a9cd80c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d83dec300345e8eaa6842292da964bbfa88a8104390b8dd46d4b42ee277eb5d6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D7412A352053458BFB24BE24C8846BA7BA4FB98312F140A1BEC45D7A51E770EC85DB53
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ACBE7 Relevance: 3.1, APIs: 2, Instructions: 91COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005AA515: GetLastError.KERNEL32(?,005C30C4,005A5982,005C30C4,?,?,005A53FD,?,?,005C30C4), ref: 005AA519
                                                                                                                                                                                                                                            • Part of subcall function 005AA515: _free.LIBCMT ref: 005AA54C
                                                                                                                                                                                                                                            • Part of subcall function 005AA515: SetLastError.KERNEL32(00000000,?,005C30C4), ref: 005AA58D
                                                                                                                                                                                                                                            • Part of subcall function 005AA515: _abort.LIBCMT ref: 005AA593
                                                                                                                                                                                                                                            • Part of subcall function 005ACD0E: _abort.LIBCMT ref: 005ACD40
                                                                                                                                                                                                                                            • Part of subcall function 005ACD0E: _free.LIBCMT ref: 005ACD74
                                                                                                                                                                                                                                            • Part of subcall function 005AC97B: GetOEMCP.KERNEL32(00000000,?,?,005ACC04,?), ref: 005AC9A6
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ACC5F
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ACC95
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorLast_abort
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2991157371-0
                                                                                                                                                                                                                                          • Opcode ID: a6b6304f584be2d59997f1ff0d546aecf4c605a2b264174eafb01d68bcf28f0f
                                                                                                                                                                                                                                          • Instruction ID: b8c58a9ebf0a7f70750d1e67a7621166b8f7de2c5a74e8eb2c2dfdf7fc1434d0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a6b6304f584be2d59997f1ff0d546aecf4c605a2b264174eafb01d68bcf28f0f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C131B331900209EFDB10EF68D458BAD7FF5FF82320F254099E4289B291EB369D41DB80
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B032 Relevance: 3.1, APIs: 2, Instructions: 83timeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FlushFileBuffers.KERNEL32(?,?,?,?,?,?,00587ED0,?,?,?,00000000), ref: 0058B04C
                                                                                                                                                                                                                                          • SetFileTime.KERNELBASE(?,?,?,?), ref: 0058B100
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$BuffersFlushTime
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1392018926-0
                                                                                                                                                                                                                                          • Opcode ID: 6492d01a954a5eb5576b47a65d822f3a1b450a5afdf595b49c5ee8b336daa9fe
                                                                                                                                                                                                                                          • Instruction ID: 0eff996f5b4597ab9aa12b29bd53865a6590dd543a5beab26a9e56b613014ff2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6492d01a954a5eb5576b47a65d822f3a1b450a5afdf595b49c5ee8b336daa9fe
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8221F531249245EBD714EE64C899AABBFE8BF92304F04491CF8E1D3151D729E90C9B62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058A8CE Relevance: 3.1, APIs: 2, Instructions: 82fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • CreateFileW.KERNELBASE(?,?,00000001,00000000,00000002,00000000,00000000,?,00000000,?,?,?,0058B1B7,?,?,005881FD), ref: 0058A946
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,?,00000001,00000000,00000002,00000000,00000000,?,?,00000800,?,?,0058B1B7,?,?,005881FD), ref: 0058A976
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 823142352-0
                                                                                                                                                                                                                                          • Opcode ID: 2564083df390e4455559cc1ce6fb7e1c6c205958f054161b215e9d8600bd2a6b
                                                                                                                                                                                                                                          • Instruction ID: f68210795dc807b99307b769b5f73540e50d9e45c07b2f077405948cd6664c13
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2564083df390e4455559cc1ce6fb7e1c6c205958f054161b215e9d8600bd2a6b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AE21B0715047486EF370AA258C89BA77ADCFB49320F010A1AFED5D61C2C774A8849B72
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00581F30 Relevance: 3.1, APIs: 2, Instructions: 77COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 00581F35
                                                                                                                                                                                                                                            • Part of subcall function 005842F1: __EH_prolog.LIBCMT ref: 005842F6
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00581FDA
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog$_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2838827086-0
                                                                                                                                                                                                                                          • Opcode ID: 275357dc4eba6ed7fc63897648bf0252d5220cba98abef6f1f662eba3f751c1d
                                                                                                                                                                                                                                          • Instruction ID: 69a65af529cd2b65a8de6976894b007ebf7874d0f1ff0015c4a751563283fc6d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 275357dc4eba6ed7fc63897648bf0252d5220cba98abef6f1f662eba3f751c1d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 93216B7190461AAECF11AF98C8559EEFFB9BF48300F10042DF845B7261C7755952CF64
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A4D02 Relevance: 3.1, APIs: 2, Instructions: 67libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FreeLibrary.KERNEL32(00000000,00000001,005E40C4,?,?,?,005A4EF6,00000004,InitializeCriticalSectionEx,005B7424,InitializeCriticalSectionEx,00000000,?,005A4CAD,005E40C4,00000FA0), ref: 005A4D85
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,?), ref: 005A4D8F
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3013587201-0
                                                                                                                                                                                                                                          • Opcode ID: 66149db6cc3214b0e7ea22ded39982a0a5fdc744e65259ab355ccddb4be236f4
                                                                                                                                                                                                                                          • Instruction ID: 7d50cd3418fe61f780cbfd15c5147cd4e25cfb64e93232f396e2024939453954
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 66149db6cc3214b0e7ea22ded39982a0a5fdc744e65259ab355ccddb4be236f4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B81181366005259F8F26CFE4EC809AE7BA8FB973507140269E905DB250E770ED01DFD0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B110 Relevance: 3.1, APIs: 2, Instructions: 56COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetFilePointer.KERNELBASE(000000FF,00000000,00000000,00000001), ref: 0058B157
                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 0058B164
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2976181284-0
                                                                                                                                                                                                                                          • Opcode ID: 08173286e14afb18ae3840a31791df43beab8a96f9e4dc29df902ca5a6659987
                                                                                                                                                                                                                                          • Instruction ID: 2990457d0c1cb88acefc99cbae587a289b39ab827129fb25a9ad576c390e3fbf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 08173286e14afb18ae3840a31791df43beab8a96f9e4dc29df902ca5a6659987
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8911E531A00705AFE735A664CC5DB66BBEDBB48360F604B28E962B75D0E770ED05C750
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AA6A4 Relevance: 3.0, APIs: 2, Instructions: 44memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA6C5
                                                                                                                                                                                                                                            • Part of subcall function 005AA7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,005A5594,?,0000015D,?,?,?,?,005A6A70,000000FF,00000000,?,?), ref: 005AA830
                                                                                                                                                                                                                                          • RtlReAllocateHeap.NTDLL(00000000,?,?,?,?,005C30C4,0058187A,?,?,00000007,?,?,?,005813F2,?,00000000), ref: 005AA701
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap$_free
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1482568997-0
                                                                                                                                                                                                                                          • Opcode ID: 0d7caf0fcd463a0560270e13934ed3945bb1481237f4d9b0eb56bc190bacd3b7
                                                                                                                                                                                                                                          • Instruction ID: 3f8e5af76c4338771ef60365557d31d7d98cd9365e6b18a0bfd54578d30bcca6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0d7caf0fcd463a0560270e13934ed3945bb1481237f4d9b0eb56bc190bacd3b7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B8F0C231901612A7DB252A26AC05F6F2F28FFC3BA0B184016F81597191EB209C40EDAB
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005923BD Relevance: 3.0, APIs: 2, Instructions: 33COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetCurrentProcess.KERNEL32(?,?), ref: 005923CA
                                                                                                                                                                                                                                          • GetProcessAffinityMask.KERNEL32(00000000), ref: 005923D1
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Process$AffinityCurrentMask
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1231390398-0
                                                                                                                                                                                                                                          • Opcode ID: e5c8c93c42e2a392b310e1787f9645ea8d785fa3052f14bcdc00f4a66b07e9c3
                                                                                                                                                                                                                                          • Instruction ID: 47e855c6eb90699d4aa7149975c584c1fb5315d00cd2deb4a097f6b159680ae0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e5c8c93c42e2a392b310e1787f9645ea8d785fa3052f14bcdc00f4a66b07e9c3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CBE0D832B10109B78F1997F4BC098EF7BDCFA54204B104576A503E3101F978ED0557A0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B8E6 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B8FA
                                                                                                                                                                                                                                            • Part of subcall function 0058CF32: _wcslen.LIBCMT ref: 0058CF56
                                                                                                                                                                                                                                          • SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B92B
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesFile$_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2673547680-0
                                                                                                                                                                                                                                          • Opcode ID: 448de3e9630bd17c670c216179a1d84b156408109a3dd64675ba241d53267b38
                                                                                                                                                                                                                                          • Instruction ID: e0886ef0966bec8e5d274160d81aa62f29806c2018392180c66748a4de5d4d6b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 448de3e9630bd17c670c216179a1d84b156408109a3dd64675ba241d53267b38
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 08F0A03110410ABBEF216F60CC44BDA3B6CBB147C5F008060BA44E5165DB31DD94AB20
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B470 Relevance: 3.0, APIs: 2, Instructions: 27fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • DeleteFileW.KERNELBASE(?,00000000,?,0058A438,?,?,?,?,0058892B,?,?,?,005B380F,000000FF), ref: 0058B481
                                                                                                                                                                                                                                            • Part of subcall function 0058CF32: _wcslen.LIBCMT ref: 0058CF56
                                                                                                                                                                                                                                          • DeleteFileW.KERNEL32(?,?,?,00000800,?,0058A438,?,?,?,?,0058892B,?,?,?,005B380F,000000FF), ref: 0058B4AF
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: DeleteFile$_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2643169976-0
                                                                                                                                                                                                                                          • Opcode ID: c9787c055ec9fd0214d83637f2e7be0dce595d5ec05d77ff21dad94e3039baa9
                                                                                                                                                                                                                                          • Instruction ID: af658d834d5b528f14bc699a3ec55d104ddfa1be2e2bcf2c125f49282030ea69
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c9787c055ec9fd0214d83637f2e7be0dce595d5ec05d77ff21dad94e3039baa9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 03E092321402096BFF116BA0CC49FDA3B6DBB14382F444021BE45E60A2DB75ED88AB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059BD81 Relevance: 3.0, APIs: 2, Instructions: 26comCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GdiplusShutdown.GDIPLUS(?,?,?,?,005B380F,000000FF), ref: 0059BDB5
                                                                                                                                                                                                                                          • OleUninitialize.OLE32(?,?,?,?,005B380F,000000FF), ref: 0059BDBA
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: GdiplusShutdownUninitialize
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3856339756-0
                                                                                                                                                                                                                                          • Opcode ID: 43e3aee9da0fab1f5008e1df1920ead6dd213b56c809805ea236dea9e32a80a1
                                                                                                                                                                                                                                          • Instruction ID: 37dca847f22c037c2c5b1202a75208329fd200c1d16d0841663d07aff5884d65
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 43e3aee9da0fab1f5008e1df1920ead6dd213b56c809805ea236dea9e32a80a1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 30E06D72604A54EFCB159B48DC45F4AFFA9FB98B24F14826AB416D37A0CB74B801CA91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F002 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059F02C
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(00000065,?), ref: 0059F043
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0059C769
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059C77A
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: IsDialogMessageW.USER32(0001044A,?), ref: 0059C78E
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: TranslateMessage.USER32(?), ref: 0059C79C
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: DispatchMessageW.USER32(?), ref: 0059C7A6
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Message$DialogDispatchItemPeekTextTranslate__vswprintf_c_l_swprintf
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2718869927-0
                                                                                                                                                                                                                                          • Opcode ID: edaf4f0a7e573f9c737ec25b6c586b1799285f2b6df120bfea4325db8ab25084
                                                                                                                                                                                                                                          • Instruction ID: 62c1bc208b4b186532e74ee6a584d43135736ec5962fa43f8559a3182c6f73c6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: edaf4f0a7e573f9c737ec25b6c586b1799285f2b6df120bfea4325db8ab25084
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F5E02B7240424D3BDF017760DC0EF9A3E6C7B5438DF040051B640E60A2D6B48514DB62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B4D3 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,?,0058B4CA,?,00588042,?), ref: 0058B4E4
                                                                                                                                                                                                                                            • Part of subcall function 0058CF32: _wcslen.LIBCMT ref: 0058CF56
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,?,00000800,?,?,0058B4CA,?,00588042,?), ref: 0058B510
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesFile$_wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2673547680-0
                                                                                                                                                                                                                                          • Opcode ID: 96e4a07b4fbc130bf1320120d9cb56070cccae985d9f4fe4f091079002324f92
                                                                                                                                                                                                                                          • Instruction ID: ccc15100e84cbe0f1d25b292d39e7c13f6548c9ee18725d6e6331fcd116de708
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 96e4a07b4fbc130bf1320120d9cb56070cccae985d9f4fe4f091079002324f92
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6DE092325002286BDB20BB64DC08BD97F5CBB593E1F000260FE45E7196E770AD449BE0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00591B3B Relevance: 3.0, APIs: 2, Instructions: 24libraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00591B56
                                                                                                                                                                                                                                          • LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0059063A,Crypt32.dll,00000000,005906B4,00000200,?,00590697,00000000,00000000,?), ref: 00591B78
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: DirectoryLibraryLoadSystem
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1175261203-0
                                                                                                                                                                                                                                          • Opcode ID: e57bb8aa29b786d2a7be21f4d3ac93ded95581a97aa2dfbffe09cfb6ed881abb
                                                                                                                                                                                                                                          • Instruction ID: 9def4f49a0d74483d8052b53cd4486ea68571997f5260b2fb2f39fc1fbcd6606
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e57bb8aa29b786d2a7be21f4d3ac93ded95581a97aa2dfbffe09cfb6ed881abb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AFE0487650112C6ADF11A7A4DC0CFDA7BACFF493C1F0400657645D2045DA74EA84DFB0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059B3C8 Relevance: 3.0, APIs: 2, Instructions: 23windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GdipCreateBitmapFromStreamICM.GDIPLUS(?,?), ref: 0059B3E9
                                                                                                                                                                                                                                          • GdipCreateBitmapFromStream.GDIPLUS(?,?), ref: 0059B3F0
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: BitmapCreateFromGdipStream
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1918208029-0
                                                                                                                                                                                                                                          • Opcode ID: 1d6e1e0c92db1d447423e88b9ff28da09a4577fb8fcefa7979d198ff446a2273
                                                                                                                                                                                                                                          • Instruction ID: 7c6eadd7090c1fd8be9bb001cf84ac27f0826c5129b4a9b7c443147eb9a432f4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1d6e1e0c92db1d447423e88b9ff28da09a4577fb8fcefa7979d198ff446a2273
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C6E06D71500208EBEB10DF89C505799BBE8FB04350F20846AE88693600E374AE449B90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A3D1C Relevance: 3.0, APIs: 2, Instructions: 19COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 005A3D3A
                                                                                                                                                                                                                                          • ___vcrt_uninitialize_ptd.LIBVCRUNTIME ref: 005A3D45
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Value___vcrt____vcrt_uninitialize_ptd
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1660781231-0
                                                                                                                                                                                                                                          • Opcode ID: ce1865191cb6a942ad4ea685754909a29338732aa25ca743ab3265d21f96817f
                                                                                                                                                                                                                                          • Instruction ID: 4cb12651ccfbec1762c91322f4cd3efed77d34ca0d4e656c4c4cf5a5de1c0e0a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ce1865191cb6a942ad4ea685754909a29338732aa25ca743ab3265d21f96817f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 67D02335404703D48F1832B42C0B44D1F54BDD3FFC7A02656F2209E0C1DF7486056911
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005812D1 Relevance: 3.0, APIs: 2, Instructions: 11COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ItemShowWindow
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3351165006-0
                                                                                                                                                                                                                                          • Opcode ID: beb24971e41422d90d5c4d2eaa2305e1ee98c9de411cc5de40217f087351f069
                                                                                                                                                                                                                                          • Instruction ID: 2f46c46d6f500d94c278c6fac4318603cb3ef6cb8a1eb9d1c4881f6088023210
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: beb24971e41422d90d5c4d2eaa2305e1ee98c9de411cc5de40217f087351f069
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6CC01233058A80BECB090BB0DC09E2ABBA8ABA5216F10CA08F0E6C5060E239C014EB11
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00581AD3 Relevance: 1.8, APIs: 1, Instructions: 319COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: faa578a85ec53a30c7955a7f71d5205b2099d0ab3d66e8321ed9494378e2520f
                                                                                                                                                                                                                                          • Instruction ID: 7e20e13323f85af1b93248cf4a7baf5fa893a67665c54d2ad17ff2e7a35139b9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: faa578a85ec53a30c7955a7f71d5205b2099d0ab3d66e8321ed9494378e2520f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 80C1A534A006559FDF25EF28C484BAD7FA9BF46310F1805B9EC06AF296C7309E46CB65
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005842F1 Relevance: 1.7, APIs: 1, Instructions: 177COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: 5567fb1c6105532d3812ff98cb9ad1f2a8333c90cbc8aba1a42a7ef4a785b628
                                                                                                                                                                                                                                          • Instruction ID: 01ee5b63ce97d2c94ae6ac56e0ee08c92e8169eb4ba22093268ce92650686697
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5567fb1c6105532d3812ff98cb9ad1f2a8333c90cbc8aba1a42a7ef4a785b628
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8271C2B1504B869FCB21EB74C855AFBBFE8BF55300F04092EA9ABA2191DB707644CF11
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005890A2 Relevance: 1.6, APIs: 1, Instructions: 114COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 005890A7
                                                                                                                                                                                                                                            • Part of subcall function 005813F8: __EH_prolog.LIBCMT ref: 005813FD
                                                                                                                                                                                                                                            • Part of subcall function 00582032: __EH_prolog.LIBCMT ref: 00582037
                                                                                                                                                                                                                                            • Part of subcall function 0058B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0058B991
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog$CloseFind
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2506663941-0
                                                                                                                                                                                                                                          • Opcode ID: 337012ebf14f9a349754f8bb9ba064b87e6171c306cc273e2d9ea352394ee924
                                                                                                                                                                                                                                          • Instruction ID: 74edf70f85010b8c5d7aeba2027dc5c6cc942796abb6f4b34cd504866fc59d14
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 337012ebf14f9a349754f8bb9ba064b87e6171c306cc273e2d9ea352394ee924
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 934198719042555ADB24F760C8A9AF97BB9BF50340F4804E9F98AB7082D7755F88CF10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005813FD Relevance: 1.6, APIs: 1, Instructions: 107COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 005813FD
                                                                                                                                                                                                                                            • Part of subcall function 00586891: __EH_prolog.LIBCMT ref: 00586896
                                                                                                                                                                                                                                            • Part of subcall function 0058E298: __EH_prolog.LIBCMT ref: 0058E29D
                                                                                                                                                                                                                                            • Part of subcall function 0058644D: __EH_prolog.LIBCMT ref: 00586452
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: 80b7c625f688ddcdfd2aa476b84926b44585b9322f795dead1d7858c609b62aa
                                                                                                                                                                                                                                          • Instruction ID: 3bd26bf6316f259b45c1ba7981e614ab3fd0ff3a4bab37a2ef64b5b454ad0b86
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 80b7c625f688ddcdfd2aa476b84926b44585b9322f795dead1d7858c609b62aa
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0F5142B1A067808ECB14DF2994802C9BFE5BF59300F0802BEEC49DF69BD7710214CB62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005813F8 Relevance: 1.6, APIs: 1, Instructions: 106COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 005813FD
                                                                                                                                                                                                                                            • Part of subcall function 00586891: __EH_prolog.LIBCMT ref: 00586896
                                                                                                                                                                                                                                            • Part of subcall function 0058E298: __EH_prolog.LIBCMT ref: 0058E29D
                                                                                                                                                                                                                                            • Part of subcall function 0058644D: __EH_prolog.LIBCMT ref: 00586452
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: 9d1cac8828e371038c44d58177c3b305c23c00a5bb0ef3a9ee9e63e69abaef71
                                                                                                                                                                                                                                          • Instruction ID: ea0d5f5de6675a6dd38ec2196887edea7b30621eee6f3693d36e474b0e9f7640
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9d1cac8828e371038c44d58177c3b305c23c00a5bb0ef3a9ee9e63e69abaef71
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 545143B19067808EDB14EF6880802C9BFE5BF59300F0802BEEC49DF69BD7711215CB62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005947AD Relevance: 1.6, APIs: 1, Instructions: 89COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: adf96b749fd11f703ac846155b16ece5732cdbeeed77a511cf7cdfccebe3a5a2
                                                                                                                                                                                                                                          • Instruction ID: 5a5b03ada54886acbc7fb6176f1adde3187840d3f6c5866a7e62fe865fd06985
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: adf96b749fd11f703ac846155b16ece5732cdbeeed77a511cf7cdfccebe3a5a2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A621D2B2E40616ABDF149F64CD45A5B7EA8FB49314F04063AE605EB681E3709D01CAA8
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C217 Relevance: 1.6, APIs: 1, Instructions: 72COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0059C21C
                                                                                                                                                                                                                                            • Part of subcall function 005813F8: __EH_prolog.LIBCMT ref: 005813FD
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: f344ba2a7c6b91d744aa9a6ed63b138d9665e1d17dd615a18afa7c53ce4a43e6
                                                                                                                                                                                                                                          • Instruction ID: 84a373b7debe318e6957ad656ca9d6c14dd0acdae6d0354df299f7e2268acc70
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f344ba2a7c6b91d744aa9a6ed63b138d9665e1d17dd615a18afa7c53ce4a43e6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0A218E75C0421AAFCF15EF98C8469EEBFB4BF49304F0004AAE846B3642E7756A45DB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ABE58 Relevance: 1.6, APIs: 1, Instructions: 65libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,?), ref: 005ABEB8
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 190572456-0
                                                                                                                                                                                                                                          • Opcode ID: fa8f37adcc49b6634bb6409fb9888ff9c902f845acabdfe4552578138902ffda
                                                                                                                                                                                                                                          • Instruction ID: 0af6ebf5d6c58ae5d25f0d015471251a985a0a1eaf119502e9c59be7a0fd090e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fa8f37adcc49b6634bb6409fb9888ff9c902f845acabdfe4552578138902ffda
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B111E733A005359FAB259F28EC408DE7BE9FB823207164620EE54EB246D730EC059AD0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058A475 Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3519838083-0
                                                                                                                                                                                                                                          • Opcode ID: eb02bf3807614fd9e099a77591e1baf29243c8e41b3d44f777bba1c93e5ecded
                                                                                                                                                                                                                                          • Instruction ID: affdb61fece6708250caae5b0938aab4d1e405f4183269f8fd70d6c15c16dc45
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: eb02bf3807614fd9e099a77591e1baf29243c8e41b3d44f777bba1c93e5ecded
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B311A73690062697DF15FF68C89AABEBB74FF84710F01411AFC15B7252DB749D018791
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AD639 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005AC2F6: RtlAllocateHeap.NTDLL(00000008,?,00000000,?,005AA543,00000001,00000364,?,005A53FD,?,?,005C30C4), ref: 005AC337
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AD6A5
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap_free
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 614378929-0
                                                                                                                                                                                                                                          • Opcode ID: 7d30b6ea8507d2c13b34e354a80f4644266152c8881b27fa68bdf41323802f68
                                                                                                                                                                                                                                          • Instruction ID: ed8ba753602694fcdbb348359a321829b36a3ea2b588c375424ccdbda8bd724c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7d30b6ea8507d2c13b34e354a80f4644266152c8881b27fa68bdf41323802f68
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 89012672200305ABE3219E69DC4595EFFE8FBD6370F25061DE59993280EB30A805C678
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AC2F6 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,005AA543,00000001,00000364,?,005A53FD,?,?,005C30C4), ref: 005AC337
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                          • Opcode ID: f78f5e596bedc0a21529f8422c0433b652726b50246feec6edb46e10ec8ff252
                                                                                                                                                                                                                                          • Instruction ID: 9017f60d48ea9721ae246a912b2a75ba45604c1ee89934a130300a7eedf4e2f1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f78f5e596bedc0a21529f8422c0433b652726b50246feec6edb46e10ec8ff252
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9CF0BE32600225AADF315B2A9D0AA5F7F88FF83762B14C853A819AB191DB20D900D6E1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AA7FE Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(00000000,?,?,?,005A5594,?,0000015D,?,?,?,?,005A6A70,000000FF,00000000,?,?), ref: 005AA830
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                          • Opcode ID: 7c38693c666f4388a3d3713e42aab1126f64c4b4e6235bb150eb331bb8af4ba2
                                                                                                                                                                                                                                          • Instruction ID: 0f2d952eeb87a8dd4573b33b375c0f97c54954d38e5529c93d51816b72a776c5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7c38693c666f4388a3d3713e42aab1126f64c4b4e6235bb150eb331bb8af4ba2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C9E06D7520022357EA322666AC09B6F7E88FF937A0F154120AC1596192EB29DC06E6F3
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058A880 Relevance: 1.5, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FindCloseChangeNotification.KERNELBASE(000000FF,?,?,0058A83D,?,?,?,?,?,005B380F,000000FF), ref: 0058A89B
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ChangeCloseFindNotification
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2591292051-0
                                                                                                                                                                                                                                          • Opcode ID: b89efe8214dd3886a1223871c713c6c351e49dfc4a18a357f1a3a2b82d2f5d69
                                                                                                                                                                                                                                          • Instruction ID: db4675dbb3523cf2d092c1971ebeaf42e914e937779e15f931677b57e69881a0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b89efe8214dd3886a1223871c713c6c351e49dfc4a18a357f1a3a2b82d2f5d69
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 56F0BE31185B058FFB30AA24C44C792BBE4BB12325F140B5ED4E2628E4D370A98ECF62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B966 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 0058BA94: FindFirstFileW.KERNELBASE(?,?,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BABD
                                                                                                                                                                                                                                            • Part of subcall function 0058BA94: FindFirstFileW.KERNEL32(?,?,?,?,00000800,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BAEB
                                                                                                                                                                                                                                            • Part of subcall function 0058BA94: GetLastError.KERNEL32(?,?,00000800,?,?,?,?,0058B98B,000000FF,?,?), ref: 0058BAF7
                                                                                                                                                                                                                                          • FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0058B991
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Find$FileFirst$CloseErrorLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1464966427-0
                                                                                                                                                                                                                                          • Opcode ID: c5fca955f1bf1349201f4252e2d5873604426054382885cf9bb26a43c318b995
                                                                                                                                                                                                                                          • Instruction ID: de7d99359ff7e1d06c45d4bed74b2c5fdd4ede0c7f5371440b86c153ead8ff9a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c5fca955f1bf1349201f4252e2d5873604426054382885cf9bb26a43c318b995
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0AF08931008791AADA223BB458087CBBF947F56335F008A49FAFD221D2C37450959721
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592128 Relevance: 1.5, APIs: 1, Instructions: 21threadCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetThreadExecutionState.KERNEL32(00000001), ref: 0059215D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExecutionStateThread
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2211380416-0
                                                                                                                                                                                                                                          • Opcode ID: 5bee12190cab30acb49954531c16e8b4504eb19af43757e63c537711502aea1b
                                                                                                                                                                                                                                          • Instruction ID: cfd3496655ed423b332d7502b91f5beba988ecceba514397edc7b0a9c0e8ba81
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5bee12190cab30acb49954531c16e8b4504eb19af43757e63c537711502aea1b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4FD0C20260401526DF22337C288DBFD1E4A3FD6320F1800AAB609261938B540846A2B2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059B636 Relevance: 1.5, APIs: 1, Instructions: 16memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GdipAlloc.GDIPLUS(00000010), ref: 0059B63C
                                                                                                                                                                                                                                            • Part of subcall function 0059B3C8: GdipCreateBitmapFromStreamICM.GDIPLUS(?,?), ref: 0059B3E9
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Gdip$AllocBitmapCreateFromStream
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1915507550-0
                                                                                                                                                                                                                                          • Opcode ID: 67c6c0b1a9f8045d953eebf11179e7c179da5fb7bf356439fdf6af47a3be8cb5
                                                                                                                                                                                                                                          • Instruction ID: 23a06ca23582c34acc522a87d0a48e876594aaad13b5868161c0edc791ca5e0f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 67c6c0b1a9f8045d953eebf11179e7c179da5fb7bf356439fdf6af47a3be8cb5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 56D0A73020430976FF016B60DD06A7E7E94BF40340F008531BD01D5190EBF1EB209291
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F747 Relevance: 1.5, APIs: 1, Instructions: 13COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • DloadProtectSection.DELAYIMP ref: 0059F76F
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: DloadProtectSection
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2203082970-0
                                                                                                                                                                                                                                          • Opcode ID: 634676cfd23c4387dd6ad52dd95ce1bbb8da572b3bc81f1147243af47babc93b
                                                                                                                                                                                                                                          • Instruction ID: 61f857a07123ac15311c873c67a54f0f6fc3059958b75347c86afc28241221ee
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 634676cfd23c4387dd6ad52dd95ce1bbb8da572b3bc81f1147243af47babc93b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 18D01230640289EDDF19EBB89E8E7183EA0F358389F541671F585C7191C7645544A711
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059EEBD Relevance: 1.5, APIs: 1, Instructions: 13windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(0000006A,00000402,00000000,00000000,00592E88), ref: 0059EEE2
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0059C769
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059C77A
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: IsDialogMessageW.USER32(0001044A,?), ref: 0059C78E
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: TranslateMessage.USER32(?), ref: 0059C79C
                                                                                                                                                                                                                                            • Part of subcall function 0059C758: DispatchMessageW.USER32(?), ref: 0059C7A6
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Message$DialogDispatchItemPeekSendTranslate
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 897784432-0
                                                                                                                                                                                                                                          • Opcode ID: f32c7d7bbdc8ce265521a4b6114c6feb6a04cf8d7e6fa5f0275f0728d6abcbef
                                                                                                                                                                                                                                          • Instruction ID: 5f674597476158b330c3c70d14f8317ef45618fb86d376797cc4ca8c5ac9bb83
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f32c7d7bbdc8ce265521a4b6114c6feb6a04cf8d7e6fa5f0275f0728d6abcbef
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 52D09E31144641AFDA023B51CD4AF0A7FE2BBD8B09F004554B285740B186629D25AF46
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058AB1C Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetFileType.KERNELBASE(000000FF,0058AA1E), ref: 0058AB28
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileType
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3081899298-0
                                                                                                                                                                                                                                          • Opcode ID: e93854f578062a3050a788caf076862917c61606c0dabfc9c9f6aed5550b1fc3
                                                                                                                                                                                                                                          • Instruction ID: 6661e10d4d73a48593f08b08bfc990fb32a1240c502e12ff4767a88d84f10542
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e93854f578062a3050a788caf076862917c61606c0dabfc9c9f6aed5550b1fc3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1FC01234000109855E706A6498480557A23BA523677B4A396C464D90A1C3228C47EB02
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F35A Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 57b49793af4077418afe3428d3c702cf89191bbefe45cabac209bb7617b0b320
                                                                                                                                                                                                                                          • Instruction ID: 7ab0389f9eb15b4f0d26865a8f7d8496f756ec6c3c6191c5805b96a9e4f6a259
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 57b49793af4077418afe3428d3c702cf89191bbefe45cabac209bb7617b0b320
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 26B012892681037D3A4C921D6C17E3F0E6CF0C0B19330883EF440C0040F4C01C055331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F350 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: b9a1170b6585cbaf50ea1fedb2c27a94092c0022957f866121a9c11535c4ddbe
                                                                                                                                                                                                                                          • Instruction ID: 7a0466b50826b744f0de99f79cef2db8b03794dd760b80a9ba1aa6a5063f95bb
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b9a1170b6585cbaf50ea1fedb2c27a94092c0022957f866121a9c11535c4ddbe
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 81B012962781037D3A4C922D6C17E3A0E7CF0C0B15370493FF040C0040F4801C015731
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F346 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9435bf00843d466cc3aae3242dd13c87d976c78652617f1d59671a0b96f95f72
                                                                                                                                                                                                                                          • Instruction ID: 378894f6e2fd5b5f4fb6d13f4ea053a0d82f45ed00a9bfa6065f54963f02e1c5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9435bf00843d466cc3aae3242dd13c87d976c78652617f1d59671a0b96f95f72
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D3B012962680037D3A4C922D6D17E3A0E7CF0C0B153704A3EF040C4040F4C01C025331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F378 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 8df7cfacb3117507104c99bec3bac7137ee51ab3a6fbc43490479949b479b1bc
                                                                                                                                                                                                                                          • Instruction ID: 8e64a00ab60fde77f2a7d4c182bc8f11c9eb261189ca0f91f1c3919fba91c71b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8df7cfacb3117507104c99bec3bac7137ee51ab3a6fbc43490479949b479b1bc
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6FB01289268103BD3A4C921D6C17E3B0E6CF0C0B15370483EF040C0040F4C01C055331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F364 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: c41ba78155d8a7b531142ce96ab00ddb1fca9154655ffc8006a554bf1199f6d3
                                                                                                                                                                                                                                          • Instruction ID: 73c2d3778d3efadd9a3ce72e3cd9387fd5b053220afb63c9560cd40cb3caa49b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c41ba78155d8a7b531142ce96ab00ddb1fca9154655ffc8006a554bf1199f6d3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D4B012892682037D3E8C921D6C17E3B0EACF0C0B15330493EF040C0040F4C01C459331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F32B Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 28a026831126231219aed43f015abcd4f06e82ed8dc6d137f35d878e6ff14421
                                                                                                                                                                                                                                          • Instruction ID: dd117a693031c08a180f654a7ee5a2e05f9f68eb64c80c21f781374a9e04647b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 28a026831126231219aed43f015abcd4f06e82ed8dc6d137f35d878e6ff14421
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 53B012862680037E3A0C52192C1BD7A0E2CF0C0B15370483EF040C0040F4801C015231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3DC Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 729c22213e96c045bcfcbdf9836504c5719e611101ce104511abc08bf7fd6c8f
                                                                                                                                                                                                                                          • Instruction ID: f9cb48b02a8cb282f3532c139f21cd56e0848b6b7963902dc5a255ddf283f785
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 729c22213e96c045bcfcbdf9836504c5719e611101ce104511abc08bf7fd6c8f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 65B0129526A1037D3A8C931D2C27E3E0E6CF0C0B15330493EF040C0040F4801C415331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3C8 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: e0e6e96befd3935d52c57f7552eb0e13dd390e33e9beb6682fdddd8f82ade21e
                                                                                                                                                                                                                                          • Instruction ID: 7bb2ed41f0770e27d4de6a6a2796b4aa92dfdf9fedda3799952945d8f73885a6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e0e6e96befd3935d52c57f7552eb0e13dd390e33e9beb6682fdddd8f82ade21e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 14B012952680037D3A4C921E2C17E3A0E6CF0C0B15370483EF040C4040F4801C015331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F396 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9d4abd211d72306b5605cc8b613a30a776f514191e2fafcdcab6e68c5f4a912f
                                                                                                                                                                                                                                          • Instruction ID: 7cc363a0d1a67eef8bc0be3cf4fa60eeef996649f5ef1f957766c84d5e44bc48
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9d4abd211d72306b5605cc8b613a30a776f514191e2fafcdcab6e68c5f4a912f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0AB012852680037D3A4C921D2D17F3A0E6CF0C0B15330883EF080C4140F4D01C0A5331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F38C Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 49b61071c5b1142f90d3cd8dd109943eec96b5f637a7a913fc88781d021710d5
                                                                                                                                                                                                                                          • Instruction ID: 5f77351b2e17bce5dccd73f927680f16db2007001ca99fd07679d7e02a1b221c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 49b61071c5b1142f90d3cd8dd109943eec96b5f637a7a913fc88781d021710d5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EFB012852681437D3A8C921D3C17F3A0E6CF0C0B15330893EF080C0140F4801C455331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F382 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 66a49e030857685c8b485c0292381b567df44da2eabbd288489cac78514572f4
                                                                                                                                                                                                                                          • Instruction ID: b51b0148c8c0a52a41b34058ffc9433b9d9a3032c52715cfdfe499c218364769
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 66a49e030857685c8b485c0292381b567df44da2eabbd288489cac78514572f4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A4B012852680037D3A4C921D2C17F3E0E6CF0C0B19330C83EF480C0180F4801C055331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3BE Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 8968e8af9b640bf7a0f9147b0b109fcd850a2b640255ccfddd54423572fb4880
                                                                                                                                                                                                                                          • Instruction ID: 207284490f7bc8ee248ee91dfc00d7ad9984f9af4ee32ad7c1ae13b85214620e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8968e8af9b640bf7a0f9147b0b109fcd850a2b640255ccfddd54423572fb4880
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 21B012952680037D3A4C921D2D17E3A0E6CF0C0B15330483EF040C4040F4C01D025331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3AA Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9e8409c66585e55038936183e473c6512a9cdb7a175c32c860e3a19a5a67f3ae
                                                                                                                                                                                                                                          • Instruction ID: 50444564aa9c58fa00e51b1902537bcb9b3df6e71ce77fffa954a5a2a97c7b9b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9e8409c66585e55038936183e473c6512a9cdb7a175c32c860e3a19a5a67f3ae
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71B012952680037D3A4C921D2C17E3E0E6CF0C0B19330883EF440C0040F4801C015331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3A0 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 2d477c06b809d89796df00d98af345340ff47cebce2e0acba6c0531c9a96829a
                                                                                                                                                                                                                                          • Instruction ID: 380ae9309d60400d97c9cba6b58f4740cd4f08949405ed5e0d525e3bd89a2916
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2d477c06b809d89796df00d98af345340ff47cebce2e0acba6c0531c9a96829a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D6B012852680037D3A4C925D2C17F3A0F6CF0C0B153708C3EF080C0140F4801C055331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F40E Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 7ce5964137b0d3b36cbcc11beb8f0de579b6d0d6ca8d68af5c4fa5ace4db518b
                                                                                                                                                                                                                                          • Instruction ID: 3ca4c8abee0e91376af1d779aa6197085d29e1904441788218f36956e6ee3c78
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7ce5964137b0d3b36cbcc11beb8f0de579b6d0d6ca8d68af5c4fa5ace4db518b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9BB012A9268003BD3A4C921D2D17E3A0EECF0C0B15370483EF040C4040F4C01C026331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F57D Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: f9cdd10417fbbe69a2fe3a83aacd2605e98f257f65397ee35de9ccdfda171abe
                                                                                                                                                                                                                                          • Instruction ID: 69a79ff31cecc945a4ec27e90788d8be253c65f4bce5a9035bfc0f86a045fed2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f9cdd10417fbbe69a2fe3a83aacd2605e98f257f65397ee35de9ccdfda171abe
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6DB012D53E8101BF3648531A3C1BE3A0E5CF0C4B11330843AF040C1040F4805C040331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F573 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 2b44f172eb29c0c5a825f9f344887c9873700d6c6911fa9fa3938e24bf94564c
                                                                                                                                                                                                                                          • Instruction ID: e86968ddcd1fa7678f53869c7e8f7741108a9f4bc9eabc634e740b9104e5849a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b44f172eb29c0c5a825f9f344887c9873700d6c6911fa9fa3938e24bf94564c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BCB012D53A82017F3B48931A3C0BD3A0E9CF4C4B11330853AF040C1040F4805C480231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F5A5 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 0ce15b0a436b62d30180cfa5521d8f9de68990172b065efd76d36c2e1879f25f
                                                                                                                                                                                                                                          • Instruction ID: d63ed8bea44fe977f5668a95b9ac31b96b8064e1e81d9763d117b899202f3107
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0ce15b0a436b62d30180cfa5521d8f9de68990172b065efd76d36c2e1879f25f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E0B012D63B80017F364863297C1FE3A0E5CF0C4B11330863BF040C1040F4405C000231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6D2 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9ea9d9fd49cd8eb7a2deadb928895285c752d6fe7b01135a68fa93a364ffdcbc
                                                                                                                                                                                                                                          • Instruction ID: 1a2752ae9bd04c5bca24b91e72abf0508beb4524e5835af079aacf1e8c69d12d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9ea9d9fd49cd8eb7a2deadb928895285c752d6fe7b01135a68fa93a364ffdcbc
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D7B01285278101BD364852196C0BD3E0E6CF0C4B15330843EF400C5080F4405C040331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F699 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 39de547faab039f8d3b2bcbd23e4598f7fbf81256ecaa7915982d3ff43cc969f
                                                                                                                                                                                                                                          • Instruction ID: 87d0abab07fbc5b5177dd81aec931ba6f68d5a12ee8d931dfb377fd6f1886afc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 39de547faab039f8d3b2bcbd23e4598f7fbf81256ecaa7915982d3ff43cc969f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A6B0129927A1017D36081215FD0BC3A0E1CF8C0B25330843EF000D4082B4415C010231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6BE Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 629a4b4b0d27c9e8fd8389ac5294339b466b5bbbf4f771a59dfff0c16f6cbf7a
                                                                                                                                                                                                                                          • Instruction ID: a45c4f83a6a7229496ad10687d8b47e683ca39a683ecad2942a0faced40604be
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 629a4b4b0d27c9e8fd8389ac5294339b466b5bbbf4f771a59dfff0c16f6cbf7a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0EB012852781417D360852296D0BD3A0E5CF0C4B25330843EF000C4080F4415C050331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6B4 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 8f3aa3bc238e60ead24df3696ddabf271bb7d504130dd8086412a3d8f61eba7c
                                                                                                                                                                                                                                          • Instruction ID: a10653b3daf48a055b60de78aeec07da5996d8a111e95280660c46081012b8e9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8f3aa3bc238e60ead24df3696ddabf271bb7d504130dd8086412a3d8f61eba7c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 09B012852782017D370892296C0BD3A0E6CF4C4B15330453EF000C0180F4415C480331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F71F Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 5d1b8dff4618cc720db2267f0d62da52be7ae67c28fbff738bfade518ab51106
                                                                                                                                                                                                                                          • Instruction ID: 9eb525dd332148dfb51ce4d49b1fc8b0a1d8ac67faa2c69a1c243637f716ea96
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5d1b8dff4618cc720db2267f0d62da52be7ae67c28fbff738bfade518ab51106
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2AB012852685417D360C53592D07E3E0D5CF4C0B113304C3AF040C4041F4801D410231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F73D Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 18b64acbe9619c5a660def82bf92c44e64e08d65243a5fb304675a9014595436
                                                                                                                                                                                                                                          • Instruction ID: 600ccdb85da38f290920714498d211969a9701cdb73af048e28cfe1b7e2b7455
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 18b64acbe9619c5a660def82bf92c44e64e08d65243a5fb304675a9014595436
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ADB012852685017D360C53592C07E3E0D5CF4C0B153308C3AF440C5041F4401C440331
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F733 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: e1973d8a94291d8d344332c0d3e8f6b6ac47441ef15a4ff25c33078604e78b1e
                                                                                                                                                                                                                                          • Instruction ID: 70521a07555ddc1a68dfde40d8cb75b8ec034ff4051127f769f719170df25647
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e1973d8a94291d8d344332c0d3e8f6b6ac47441ef15a4ff25c33078604e78b1e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 37B012852686017D364C53592C07E3E0D5CF4C0B113304D3AF040C0041F4401C800231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F373 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9623898d0018dc60af06c79b3115f3ab20d3cdbba00001a4a65d5175056db0fc
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9623898d0018dc60af06c79b3115f3ab20d3cdbba00001a4a65d5175056db0fc
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3D7 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 25fcb8f43d5f1e7e8c62e978ca910feee53c0ac46ad9ac2ed5347ec284ed619a
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 25fcb8f43d5f1e7e8c62e978ca910feee53c0ac46ad9ac2ed5347ec284ed619a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3FF Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 902f9672238b997e3c0b46f14655069a5959f5a1b5d0cf0a0ff6290fd3538083
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 902f9672238b997e3c0b46f14655069a5959f5a1b5d0cf0a0ff6290fd3538083
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3F5 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: d2837bcd25cfc69c36c31cdf2df714a215055ddc7bb503a820590237dd0de964
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d2837bcd25cfc69c36c31cdf2df714a215055ddc7bb503a820590237dd0de964
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3EB Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 09cd2e0eb0a0b73f8cef09c32e6eca648dde35fb5ee37c191488d94337c6433b
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 09cd2e0eb0a0b73f8cef09c32e6eca648dde35fb5ee37c191488d94337c6433b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F3B9 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 5c1839781f86e9013c4ac1c61a106d67c7cb99bd72ff5b221a8f69432f48bd5d
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5c1839781f86e9013c4ac1c61a106d67c7cb99bd72ff5b221a8f69432f48bd5d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F41D Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 1dda0b46144d445aef79ca2bcbf4e89fcaf006b33796e3fa4158d6c2ea6467ac
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1dda0b46144d445aef79ca2bcbf4e89fcaf006b33796e3fa4158d6c2ea6467ac
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F409 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 2da6dccacbea3ff0a84b8d09de915eb8aa4ed8ea5d644c8886fe96f124bc3e93
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2da6dccacbea3ff0a84b8d09de915eb8aa4ed8ea5d644c8886fe96f124bc3e93
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F431 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: cd449a4221bf7c6ea2c31ddbc571b5b066974c9214375a48d83f93fd348cb30d
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: cd449a4221bf7c6ea2c31ddbc571b5b066974c9214375a48d83f93fd348cb30d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F427 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F33D
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 4eb4ecb03e1aaa8d58ca589ef54030176c613ba5df99e3c65ed54ba8e9fdcc70
                                                                                                                                                                                                                                          • Instruction ID: ea66e4892962abe3ea261af1d6d8dfd60b3b74459567557a2b8800bdeb0d17a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4eb4ecb03e1aaa8d58ca589ef54030176c613ba5df99e3c65ed54ba8e9fdcc70
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDA0019A2A9103BD3A48A2696D2BD7A0A2CE4C4BA63708D2EF402C4481A8842C466631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F549 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 83b8070e88bf974abec3d968eb7c3dfe365dab8bc16f1e1b4152c4054ef8b3cd
                                                                                                                                                                                                                                          • Instruction ID: bfb45a667c934dd59c24ec5c244e922ea77f0723fb8f1e74f62e2f224bcd56dd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 83b8070e88bf974abec3d968eb7c3dfe365dab8bc16f1e1b4152c4054ef8b3cd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 55A001EA2A91067E3A486B657E1BD7A0A2DE4C4B62331992AF441E5081A9806D451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F56E Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 9f3edf6031474631bcc450c66872d60812e6b24bc226ad4da6338105cdd7854e
                                                                                                                                                                                                                                          • Instruction ID: 016d573d52ee301b271bf109005781b2d4854ab453114fdd20f7c128d7ca48cc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9f3edf6031474631bcc450c66872d60812e6b24bc226ad4da6338105cdd7854e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24A001EA2A9102BE3A4867657D1BD7A0A2CE4C8BA2331992AF442D5081A9806C451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F564 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 2d272c4702056f12a673999a2569ea7514ea5082c891242efa196d8af23a6b32
                                                                                                                                                                                                                                          • Instruction ID: 016d573d52ee301b271bf109005781b2d4854ab453114fdd20f7c128d7ca48cc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2d272c4702056f12a673999a2569ea7514ea5082c891242efa196d8af23a6b32
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24A001EA2A9102BE3A4867657D1BD7A0A2CE4C8BA2331992AF442D5081A9806C451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F596 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 8542d414a398ac0faa86d75cf2c1aa56e91081d3f9436e6e53885746a08fdea6
                                                                                                                                                                                                                                          • Instruction ID: 016d573d52ee301b271bf109005781b2d4854ab453114fdd20f7c128d7ca48cc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8542d414a398ac0faa86d75cf2c1aa56e91081d3f9436e6e53885746a08fdea6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24A001EA2A9102BE3A4867657D1BD7A0A2CE4C8BA2331992AF442D5081A9806C451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F58C Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 582ead4e763cfd68b2ad06545ae414fc175454a64fc637151dfa5820949f6516
                                                                                                                                                                                                                                          • Instruction ID: 016d573d52ee301b271bf109005781b2d4854ab453114fdd20f7c128d7ca48cc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 582ead4e763cfd68b2ad06545ae414fc175454a64fc637151dfa5820949f6516
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24A001EA2A9102BE3A4867657D1BD7A0A2CE4C8BA2331992AF442D5081A9806C451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F5A0 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F556
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: bce18d9681a382743376bab0b14172822848adb0714461c7b61109375b809fef
                                                                                                                                                                                                                                          • Instruction ID: 016d573d52ee301b271bf109005781b2d4854ab453114fdd20f7c128d7ca48cc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bce18d9681a382743376bab0b14172822848adb0714461c7b61109375b809fef
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 24A001EA2A9102BE3A4867657D1BD7A0A2CE4C8BA2331992AF442D5081A9806C451231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6CD Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 083639514bdae0ee4a6fbd2e39c35e6a8d0266fe5ba5fb496da35a175d4660d4
                                                                                                                                                                                                                                          • Instruction ID: 15be47a9979057a82cb2471e0a20ad94f592596a1d2e462a59d55b1fcc2086bf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 083639514bdae0ee4a6fbd2e39c35e6a8d0266fe5ba5fb496da35a175d4660d4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71A0019A2B9202BD3A086665AD1BD7A0A2CE4C8B66330892EF402D4091A8816C451631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6FF Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 52172311e9be1431a776a8e8c51d8a99c55cf0d7ceb5cd3208776c4008aaf8b7
                                                                                                                                                                                                                                          • Instruction ID: 791836ecaaf9d4a870ef083d6e19321c797d1c20f38f6dcd1cfe24d35e8279a0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 52172311e9be1431a776a8e8c51d8a99c55cf0d7ceb5cd3208776c4008aaf8b7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8EA002DA2B9602BD3A0867A57D9BD7F5E2CF8C0F367348D3EF401D4082B9802D851231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6F5 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 0c6c13469d72a78529852c7f91ae0c6f715ef97b06c6474dfc4a3cbbcc945c61
                                                                                                                                                                                                                                          • Instruction ID: 15be47a9979057a82cb2471e0a20ad94f592596a1d2e462a59d55b1fcc2086bf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0c6c13469d72a78529852c7f91ae0c6f715ef97b06c6474dfc4a3cbbcc945c61
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71A0019A2B9202BD3A086665AD1BD7A0A2CE4C8B66330892EF402D4091A8816C451631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6EB Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: f15ca2f3f225d9523563a1ed1817f245e18752b8356099ac1ee86ca10584c332
                                                                                                                                                                                                                                          • Instruction ID: 15be47a9979057a82cb2471e0a20ad94f592596a1d2e462a59d55b1fcc2086bf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f15ca2f3f225d9523563a1ed1817f245e18752b8356099ac1ee86ca10584c332
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71A0019A2B9202BD3A086665AD1BD7A0A2CE4C8B66330892EF402D4091A8816C451631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F6E1 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F6AB
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 95f6f50a7bf24651066adf998125fbd376bb3438c4013f077bf2c792a14b6a51
                                                                                                                                                                                                                                          • Instruction ID: 15be47a9979057a82cb2471e0a20ad94f592596a1d2e462a59d55b1fcc2086bf
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 95f6f50a7bf24651066adf998125fbd376bb3438c4013f077bf2c792a14b6a51
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71A0019A2B9202BD3A086665AD1BD7A0A2CE4C8B66330892EF402D4091A8816C451631
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F71A Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: 5b907481b4e7c3518b015eacfa537d653b726d2c52c2cf19663c6edc89e025e1
                                                                                                                                                                                                                                          • Instruction ID: d0c9cd1c9bd623b6e2e78857b214a13c1032606bde5c80b15c79d2110207c07d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5b907481b4e7c3518b015eacfa537d653b726d2c52c2cf19663c6edc89e025e1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E3A0019A2A9602BD3A0867A56D5BD7E5A2CE8C4B627348D2AF402C4082A9802D851231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F72E Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___delayLoadHelper2@8.DELAYIMP ref: 0059F70C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0059FA5C
                                                                                                                                                                                                                                            • Part of subcall function 0059F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0059FA6D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1269201914-0
                                                                                                                                                                                                                                          • Opcode ID: d26b8931887b0890234471608dc16d127fabbb9797a51b5616a599feee241f44
                                                                                                                                                                                                                                          • Instruction ID: d0c9cd1c9bd623b6e2e78857b214a13c1032606bde5c80b15c79d2110207c07d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d26b8931887b0890234471608dc16d127fabbb9797a51b5616a599feee241f44
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E3A0019A2A9602BD3A0867A56D5BD7E5A2CE8C4B627348D2AF402C4082A9802D851231
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B199 Relevance: 1.5, APIs: 1, Instructions: 7fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetEndOfFile.KERNELBASE(?,0058A083,?,?,-000018C0,?,-00002908,00000000,-00000880,?,00000000,?,?,00000000,0058922F,-00008BE0), ref: 0058B19C
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 749574446-0
                                                                                                                                                                                                                                          • Opcode ID: f43756e0554cb39ca53dedaae2811ac975c272bf8095dad07fd9cdea4eed86a9
                                                                                                                                                                                                                                          • Instruction ID: 6c380e4bbd36d4e2f101c6f57bbfbe093f4a380a9da940a12942e7ec09735fd1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f43756e0554cb39ca53dedaae2811ac975c272bf8095dad07fd9cdea4eed86a9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 51A0113008000E8A8EA02B30EA0800C3B20EB20BC030002A8A00ACE0A2CB22880BAA00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                          Function 0059D420 Relevance: 33.5, APIs: 17, Strings: 2, Instructions: 233windowfileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(?,00000066,00000171,00000000,00000000), ref: 0059D4B1
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000006), ref: 0059D4C4
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,0000006C), ref: 0059D4E0
                                                                                                                                                                                                                                          • SetFocus.USER32(00000000), ref: 0059D4E7
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000065,?), ref: 0059D521
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(?,00000066,00000170,?,00000000), ref: 0059D558
                                                                                                                                                                                                                                          • FindFirstFileW.KERNEL32(?,?), ref: 0059D56E
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: FileTimeToSystemTime.KERNEL32(?,?), ref: 0059BC3F
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 0059BC50
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: SystemTimeToFileTime.KERNEL32(?,?), ref: 0059BC5E
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: FileTimeToSystemTime.KERNEL32(?,?), ref: 0059BC6C
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: GetDateFormatW.KERNEL32(00000400,00000000,?,00000000,?,00000032), ref: 0059BC87
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: GetTimeFormatW.KERNEL32(00000400,?,?,00000000,?,00000032), ref: 0059BCAE
                                                                                                                                                                                                                                            • Part of subcall function 0059BC2B: _swprintf.LIBCMT ref: 0059BCD4
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059D5B7
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,0000006A,?), ref: 0059D5CA
                                                                                                                                                                                                                                          • FindClose.KERNEL32(00000000), ref: 0059D5D1
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059D620
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000068,?), ref: 0059D633
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(?,00000067,00000170,?,00000000), ref: 0059D650
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059D683
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,0000006B,?), ref: 0059D696
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059D6E0
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000069,?), ref: 0059D6F3
                                                                                                                                                                                                                                            • Part of subcall function 0059C093: GetLocaleInfoW.KERNEL32(00000400,0000000F,?,00000064), ref: 0059C0B9
                                                                                                                                                                                                                                            • Part of subcall function 0059C093: GetNumberFormatW.KERNEL32(00000400,00000000,?,005C072C,?,?), ref: 0059C108
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Item$Time$Text$_swprintf$FileSystem$FormatMessageSend$Find$CloseDateDialogFirstFocusInfoLocalLocaleNumberSpecificWindow__vswprintf_c_l
                                                                                                                                                                                                                                          • String ID: %s %s$REPLACEFILEDLG
                                                                                                                                                                                                                                          • API String ID: 3464475507-439456425
                                                                                                                                                                                                                                          • Opcode ID: 4288d43ef902b42c878ee57dc6cfd1594fefb222d20b5c6690c5582e2474dbd0
                                                                                                                                                                                                                                          • Instruction ID: 31e41241a6ed479fc5eed28ec922d81dfc2d446c9d6c4decff184c83c166cd77
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4288d43ef902b42c878ee57dc6cfd1594fefb222d20b5c6690c5582e2474dbd0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6C71D9721443447BEA31AB64DC8DFFB7BACFB86744F040819F68DD6081D6B5A9089772
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00587AAF Relevance: 28.3, APIs: 12, Strings: 4, Instructions: 337fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 00587AB4
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00587B1D
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00587B8E
                                                                                                                                                                                                                                            • Part of subcall function 00588704: GetCurrentProcess.KERNEL32(00000020,?), ref: 00588713
                                                                                                                                                                                                                                            • Part of subcall function 00588704: GetLastError.KERNEL32 ref: 00588759
                                                                                                                                                                                                                                            • Part of subcall function 00588704: CloseHandle.KERNEL32(?), ref: 00588768
                                                                                                                                                                                                                                            • Part of subcall function 0058B470: DeleteFileW.KERNELBASE(?,00000000,?,0058A438,?,?,?,?,0058892B,?,?,?,005B380F,000000FF), ref: 0058B481
                                                                                                                                                                                                                                            • Part of subcall function 0058B470: DeleteFileW.KERNEL32(?,?,?,00000800,?,0058A438,?,?,?,?,0058892B,?,?,?,005B380F,000000FF), ref: 0058B4AF
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,40000000,00000000,00000000,00000001,00000080,00000000,?,?,00000001,?), ref: 00587C43
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000), ref: 00587C5F
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,C0000000,00000000,00000000,00000003,02200000,00000000), ref: 00587DAB
                                                                                                                                                                                                                                            • Part of subcall function 0058B032: FlushFileBuffers.KERNEL32(?,?,?,?,?,?,00587ED0,?,?,?,00000000), ref: 0058B04C
                                                                                                                                                                                                                                            • Part of subcall function 0058B032: SetFileTime.KERNELBASE(?,?,?,?), ref: 0058B100
                                                                                                                                                                                                                                            • Part of subcall function 0058A880: FindCloseChangeNotification.KERNELBASE(000000FF,?,?,0058A83D,?,?,?,?,?,005B380F,000000FF), ref: 0058A89B
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B8FA
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B92B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Close$AttributesCreateDeleteHandle_wcslen$BuffersChangeCurrentErrorFindFlushH_prologLastNotificationProcessTime
                                                                                                                                                                                                                                          • String ID: SeCreateSymbolicLinkPrivilege$SeRestorePrivilege$UNC\$\??\
                                                                                                                                                                                                                                          • API String ID: 2821348736-3508440684
                                                                                                                                                                                                                                          • Opcode ID: cf030a8080ba160ac57e8272e955b1b3452e30d9e22a1a976c314e6ca24bd84c
                                                                                                                                                                                                                                          • Instruction ID: daf0446d6fecb7c682a26e0053833ff775feafb2a8c1942ff9ccfacad7e6ebb0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: cf030a8080ba160ac57e8272e955b1b3452e30d9e22a1a976c314e6ca24bd84c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F8C17371904249AAEB21EBB4CC49FEEBBACBF48310F104559F945F7142D774EA44CBA1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AEAAE Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1381COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __floor_pentium4
                                                                                                                                                                                                                                          • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                                                          • API String ID: 4168288129-2761157908
                                                                                                                                                                                                                                          • Opcode ID: ab2d05b772673d35135c556d907783b07c53de69838bd635311a389385b89130
                                                                                                                                                                                                                                          • Instruction ID: 0cfcf488c788c55644f8eb8fc3e74b5da2d375766b78ed0b0535e8314bef4990
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ab2d05b772673d35135c556d907783b07c53de69838bd635311a389385b89130
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 18C23771E086298FDB258E68DD457EEBBB5FB86304F1445EAD80DE7240E774AE818F40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058395A Relevance: 9.4, APIs: 2, Strings: 3, Instructions: 666COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog_swprintf
                                                                                                                                                                                                                                          • String ID: CMT$h%u$hc%u
                                                                                                                                                                                                                                          • API String ID: 146138363-3282847064
                                                                                                                                                                                                                                          • Opcode ID: 5bec1078de8a9fc1aff7dfb2106510320635b7b498655d6a64dbcf2313889f89
                                                                                                                                                                                                                                          • Instruction ID: 988541e1bfd27155e55560e3191166aa163919c8da1a298a92841591d4f911f1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5bec1078de8a9fc1aff7dfb2106510320635b7b498655d6a64dbcf2313889f89
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1E42D8715052469FDF24EF74C88AAE93FA5BF55300F04447DFC46AB282DB70AA89CB61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00582EB6 Relevance: 7.8, APIs: 3, Strings: 1, Instructions: 804COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 00582EBF
                                                                                                                                                                                                                                          • _strlen.LIBCMT ref: 0058348B
                                                                                                                                                                                                                                            • Part of subcall function 00591600: __EH_prolog.LIBCMT ref: 00591605
                                                                                                                                                                                                                                            • Part of subcall function 00592ED2: MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,?,?,?,?,0058CF18,00000000,?,?), ref: 00592EEE
                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 005835DD
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog$ByteCharMultiUnothrow_t@std@@@Wide__ehfuncinfo$??2@_strlen
                                                                                                                                                                                                                                          • String ID: CMT
                                                                                                                                                                                                                                          • API String ID: 1206968400-2756464174
                                                                                                                                                                                                                                          • Opcode ID: da648d16da119d2ef35bf618c556f29dea684f7c20256c7afea8cde459019fba
                                                                                                                                                                                                                                          • Instruction ID: 1e911201d6187e07d6223d319a969c4e9a0b6e50ae82ce026b9e87c86d5bfd39
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: da648d16da119d2ef35bf618c556f29dea684f7c20256c7afea8cde459019fba
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 446206716002858FDF19EF38C8996E93FA1BF55700F08497DFC5AAB282DB74AA45CB50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A0A0A Relevance: 6.1, APIs: 4, Instructions: 73COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 005A0A16
                                                                                                                                                                                                                                          • IsDebuggerPresent.KERNEL32 ref: 005A0AE2
                                                                                                                                                                                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 005A0B02
                                                                                                                                                                                                                                          • UnhandledExceptionFilter.KERNEL32(?), ref: 005A0B0C
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 254469556-0
                                                                                                                                                                                                                                          • Opcode ID: 77fd6375179754325e66fd0bc31441b2531f634a47db8584f26b57c13b361337
                                                                                                                                                                                                                                          • Instruction ID: 40e3deba0a24251e983392df5387cf085055f31ef316967436e7f69ae40170d3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 77fd6375179754325e66fd0bc31441b2531f634a47db8584f26b57c13b361337
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 723118B5D1521D9BDB20DFA4D9897CDBBB8BF18304F1041AAE409AB291EB715A84CF44
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F82F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • VirtualQuery.KERNEL32(80000000,0059F774,0000001C,0059F969,00000000,?,?,?,?,?,?,?,0059F774,00000004,005E3D24,0059F9F9), ref: 0059F840
                                                                                                                                                                                                                                          • GetSystemInfo.KERNEL32(?,?,00000000,?,?,?,?,0059F774,00000004,005E3D24,0059F9F9), ref: 0059F85B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: InfoQuerySystemVirtual
                                                                                                                                                                                                                                          • String ID: D
                                                                                                                                                                                                                                          • API String ID: 401686933-2746444292
                                                                                                                                                                                                                                          • Opcode ID: fb501dd11843503bed46742577dcaee62f3ba8c66c11a2b9f666381ca46781c4
                                                                                                                                                                                                                                          • Instruction ID: 27acf6d74ce56cd898c31b5e4f0e514f429ae35faa3b5823d113f46cf849b2e8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fb501dd11843503bed46742577dcaee62f3ba8c66c11a2b9f666381ca46781c4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8401D432A001096BCF24DE29DC05AEE7BA9AFD4324F08C234ED19D7255E638E945C780
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A4FEF Relevance: 4.6, APIs: 3, Instructions: 78COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00000000), ref: 005A50E7
                                                                                                                                                                                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 005A50F1
                                                                                                                                                                                                                                          • UnhandledExceptionFilter.KERNEL32(-00000325,?,?,?,?,?,00000000), ref: 005A50FE
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3906539128-0
                                                                                                                                                                                                                                          • Opcode ID: e7a4155ac3bdd14b20e72eea031790608e0f2e8f0baee35156003158fa3cd9de
                                                                                                                                                                                                                                          • Instruction ID: 749b703b700da9bb04598703155eb53e605a7dea525e6db8b377333127b4549b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e7a4155ac3bdd14b20e72eea031790608e0f2e8f0baee35156003158fa3cd9de
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F731D5749112199BCB61DF68DD89B9DBBB8BF58310F5042EAE80CA7251E7309F85CF44
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AE600 Relevance: 3.5, APIs: 2, Instructions: 464COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: d08e2bcb8369247a90beecc4ac2937ecc20121a35f50d3dd5c946701bfc99d8e
                                                                                                                                                                                                                                          • Instruction ID: 3baad752ac3216daecbcaa3a438efeb39265988af02e082c97e3158872f8541a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d08e2bcb8369247a90beecc4ac2937ecc20121a35f50d3dd5c946701bfc99d8e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5D023B71E002199FDF14CFA9D8816AEBBF1FF89314F25856AD819E7381D730AA41CB80
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C093 Relevance: 3.0, APIs: 2, Instructions: 45COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLocaleInfoW.KERNEL32(00000400,0000000F,?,00000064), ref: 0059C0B9
                                                                                                                                                                                                                                          • GetNumberFormatW.KERNEL32(00000400,00000000,?,005C072C,?,?), ref: 0059C108
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FormatInfoLocaleNumber
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2169056816-0
                                                                                                                                                                                                                                          • Opcode ID: e8f14d9871c3885e070b0ccce49e1d3589ac4673953f11048ee484bc6139f4d6
                                                                                                                                                                                                                                          • Instruction ID: 7be37683694f3a92926698bb9a24267f143068d58eb28dfbe1839ba75d565ff5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e8f14d9871c3885e070b0ccce49e1d3589ac4673953f11048ee484bc6139f4d6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 77015E35580349AED7108BA4DC45FAA7BFCFF28710F105022FA05D7191D370A958DBA9
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00587727 Relevance: 3.0, APIs: 2, Instructions: 16windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(00587886,?,00000400), ref: 00587727
                                                                                                                                                                                                                                          • FormatMessageW.KERNEL32(00001200,00000000,00000000,00000400,?,?,00000000), ref: 00587748
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorFormatLastMessage
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3479602957-0
                                                                                                                                                                                                                                          • Opcode ID: e28ffb48d3c9c85c498efb15b9a51bf66deff7af029e1176ee52f3576f6f42d5
                                                                                                                                                                                                                                          • Instruction ID: 0c0b8da0e51df7e334108f4f6aca8c9ce59f7d8d3f2d6126abb698bbe25fbfb8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e28ffb48d3c9c85c498efb15b9a51bf66deff7af029e1176ee52f3576f6f42d5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 04D0A731348308BBFA502B305C0AF2A3B59BB14B41F24C4047704E80E1E670E014FB14
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005B2BB4 Relevance: 1.8, APIs: 1, Instructions: 269COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RaiseException.KERNEL32(C000000D,00000000,00000001,?,?,00000008,?,?,005B2BAF,?,?,00000008,?,?,005B284F,00000000), ref: 005B2DE1
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionRaise
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3997070919-0
                                                                                                                                                                                                                                          • Opcode ID: 53d9e44f096ebbb34125acb340b712b234947c7c0827c50724ee227b7b5eac57
                                                                                                                                                                                                                                          • Instruction ID: 2bac362705cb965c6a984e7830398a1b20be6545c1f0f0e912132b98ce8c1202
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 53d9e44f096ebbb34125acb340b712b234947c7c0827c50724ee227b7b5eac57
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 02B13A31610609DFD719CF28C48ABA57FE0FF45365F298658E89ACF2A1C335E992CB50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A0826 Relevance: 1.6, APIs: 1, Instructions: 147COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 005A083C
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FeaturePresentProcessor
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2325560087-0
                                                                                                                                                                                                                                          • Opcode ID: 3608cdb408ae3f3e1c1069fb2c41c1b51d2d47d7ccf9d65aab07008183cb3563
                                                                                                                                                                                                                                          • Instruction ID: b7f0bf1487e5b677e07501738b2b363986e6eee24fa5063ae983261fcf82ab9d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3608cdb408ae3f3e1c1069fb2c41c1b51d2d47d7ccf9d65aab07008183cb3563
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C8519CB1A10255DFEB18CF58D9857AEBBF4FB58300F24952AC440EB2A1D378D944DF90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058C365 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetVersionExW.KERNEL32(?), ref: 0058C388
                                                                                                                                                                                                                                            • Part of subcall function 0058C3F7: __EH_prolog.LIBCMT ref: 0058C3FC
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prologVersion
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1836448879-0
                                                                                                                                                                                                                                          • Opcode ID: ef23b0eec2ec3295cde7f5a7f17f45644d1b261b73458e95acaba3c7526200f0
                                                                                                                                                                                                                                          • Instruction ID: cb760cd48eb50d59062ebbb829c40dd4488a52ff74a2660a8bde97d053397f9d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ef23b0eec2ec3295cde7f5a7f17f45644d1b261b73458e95acaba3c7526200f0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 52F0893450468C8EDF25F720A80D7D83FE46721308F04C8C5C94072252CAB9468EEF72
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00584A8E Relevance: 1.5, Strings: 1, Instructions: 276COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: gj
                                                                                                                                                                                                                                          • API String ID: 0-4203073231
                                                                                                                                                                                                                                          • Opcode ID: 13b5c357d8b2ed3f60e3f3b99e55dddb242ca89527c77a6dca0f0edfa61ac72a
                                                                                                                                                                                                                                          • Instruction ID: b331461701f20ad60c045c2f97a13129d7ae1494c7486f099e98ff209e929bcc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 13b5c357d8b2ed3f60e3f3b99e55dddb242ca89527c77a6dca0f0edfa61ac72a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CAC128B2A183418FC754CF2AD88065AFBE1FFC9208F15892DE998D7302D734A945CF96
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A0B9D Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SetUnhandledExceptionFilter.KERNEL32(Function_00020BB0,005A0605), ref: 005A0BA2
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3192549508-0
                                                                                                                                                                                                                                          • Opcode ID: 325baf16facfec69962c0956da5d5eac5aa141a9c9a7a7de22289ac9fdf8b8d2
                                                                                                                                                                                                                                          • Instruction ID: 630ecd38e691eb3d811086c088f8661d02fab4c38dc5851d4e51a21dfacec183
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 325baf16facfec69962c0956da5d5eac5aa141a9c9a7a7de22289ac9fdf8b8d2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AD1F0 Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: HeapProcess
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 54951025-0
                                                                                                                                                                                                                                          • Opcode ID: d6964c08e6e6413ca1b5cb060ca304d2fb30fbeb8615d024bbfff802dc6c252e
                                                                                                                                                                                                                                          • Instruction ID: 3d451d2573dbb065d8558642513321a6af0a7d4fb2dc253a96dc4cc412400938
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d6964c08e6e6413ca1b5cb060ca304d2fb30fbeb8615d024bbfff802dc6c252e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 23A012305012008BC3404F365A4420C3594E5221803004014D045C4220E7204095AE41
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059742E Relevance: .8, Instructions: 807COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: bb440c3f38b3e305fdd1d836c2b9e59251265d1cf162b7c6ca201f408ca991ce
                                                                                                                                                                                                                                          • Instruction ID: a9bf4d4d99d590f955eedd6ff1e960ea037a2c77c58e72f0f6996534ce870cb8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bb440c3f38b3e305fdd1d836c2b9e59251265d1cf162b7c6ca201f408ca991ce
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4F62E671618B899FCF29CF38C4906B97FE1BF99304F18896ED89A8B346D734A945C710
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005988AF Relevance: .8, Instructions: 781COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: b65a91e4e366914e0141f10d5f4ffaf8e7de368edfeaa8d3252b84b140085dc5
                                                                                                                                                                                                                                          • Instruction ID: 1c2f9e48ea9a7e252db66e6da7585c3c0529734d22d9c1771a75aa92904cdb62
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b65a91e4e366914e0141f10d5f4ffaf8e7de368edfeaa8d3252b84b140085dc5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AE62C3716082469FCF18CF28C5909B9BBE1BF96304F08866DEC998B346DB34E945DB91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005907A7 Relevance: .7, Instructions: 694COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: a62c15b85c617ebd307b2c0f60e6839fba4416d489f0088c2584b05da129add6
                                                                                                                                                                                                                                          • Instruction ID: 5bf369fc90ccc29239528856e9cc7c77ada0f267af13121d69f44c2a251553ec
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a62c15b85c617ebd307b2c0f60e6839fba4416d489f0088c2584b05da129add6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4E525A72A187018FC718CF19C891A6AF7E1FFCC304F498A2DE5959B255D334EA19CB86
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00598253 Relevance: .5, Instructions: 528COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 37fa013016f66a9acb96389e18ff93c3c269be03c622e8db4ff940c07f3fc202
                                                                                                                                                                                                                                          • Instruction ID: 3869c113762b576003f39ab0c9cca479fd925d07b3c0f67aac8d2b97c92aa62b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 37fa013016f66a9acb96389e18ff93c3c269be03c622e8db4ff940c07f3fc202
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C012E3716047068FDB28CF28C494779BBE0FF55308F14892EE89BC7681EB78A995CB45
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058D833 Relevance: .5, Instructions: 454COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 7a47b0e1e5079927876998d6109c901d063f7b4eec51af92d7dcfe1cc0844926
                                                                                                                                                                                                                                          • Instruction ID: 3000998c8850134ae418f43b85a93b8b3d89783f6e8a238407796223994db6e9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7a47b0e1e5079927876998d6109c901d063f7b4eec51af92d7dcfe1cc0844926
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5AF17A716093058FC718EF28C584A2EBFF5FFC9314F244A2EE895A7291D631E945CB62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058FCCC Relevance: .3, Instructions: 320COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: c0ce8a8a69159272c8e8fc8c810ed278228ab70d0d0363ac561d28dde44d571b
                                                                                                                                                                                                                                          • Instruction ID: 173c4a6a8e11f27a2b0e17f91f373ad465ef0df27ae718574572380f7de9ea28
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c0ce8a8a69159272c8e8fc8c810ed278228ab70d0d0363ac561d28dde44d571b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 03E15E795183948FC304CF29D48086ABBF0BB9A300F4A095EF9D597352D735EA19DFA2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00595282 Relevance: .3, Instructions: 270COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 0f0edab4168543933933ff689e1c5ce6e4651b3ff7a49b2e079af6b74ce182af
                                                                                                                                                                                                                                          • Instruction ID: 35697d3d969b5b3efb509efc039fba0708c405188eb0d118cf656f53e5f0729d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0f0edab4168543933933ff689e1c5ce6e4651b3ff7a49b2e079af6b74ce182af
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 519135B0200B069BEF25EE64D895BBE7FD9FB90300F100D2DE99687282FB64D965C751
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005955B0 Relevance: .2, Instructions: 243COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 931725267d3afae2a79d0ebb937372447d19929da5c01f319e552610ee085862
                                                                                                                                                                                                                                          • Instruction ID: abd7f3fcaa84885ef36ead7eba35ce92a2edc8f083cc3abb45dd74190b5261cd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 931725267d3afae2a79d0ebb937372447d19929da5c01f319e552610ee085862
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EB8137713047429BEF26EF68C8C5BBE3FD5FB90344F10092DFD868B282EA6489958755
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A64D7 Relevance: .2, Instructions: 237COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 46e9ac322ce5744c876c10b215b40218a8a14de472d03a9e5a4e1887a23e5d45
                                                                                                                                                                                                                                          • Instruction ID: fa3db92f9cdd95dce0cce2fc735a9e4e23091d9c24ad8f1aeb8b34b15f6f57e7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 46e9ac322ce5744c876c10b215b40218a8a14de472d03a9e5a4e1887a23e5d45
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 21618CB1E00609A6DE344A38A9A9BBE3FD8FF4B744F9C0819E943DF185E621DD428215
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A62A8 Relevance: .2, Instructions: 214COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 5deea3b29f66a918188f7a75532971316276c2599c24e1ebb0fa75850081f94e
                                                                                                                                                                                                                                          • Instruction ID: f68c2adf49be5b123ddec0db3a35b270a405370fe2eb0a6400120a3ac5be049e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5deea3b29f66a918188f7a75532971316276c2599c24e1ebb0fa75850081f94e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F451876560074A9BDF34897885997BF2FD9BF67300F1C0D1FE982DB682C614DD068362
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005902F7 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: ae72cf702431afa815083ac208ba49bd12733235a8685f129a048c740eefe3d0
                                                                                                                                                                                                                                          • Instruction ID: 0353caa33f9ff0ab1f87f6e46e3e9c6adbbcddf67fe30bb9b8d91e7eb518fb80
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ae72cf702431afa815083ac208ba49bd12733235a8685f129a048c740eefe3d0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B251D2315093D58FCF12CF29818456EBFE0BEDA714F4A1D99E5D95B282C230DA4ACB92
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005913FD Relevance: .1, Instructions: 141COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 376946c238392aaea4864d813fb42d9e1a0415eac20448a526e28f70c3f5f9b9
                                                                                                                                                                                                                                          • Instruction ID: 5cfffa3b9c6046c56a1becbdc4c6a2f2d3e4fb90d2f414156f105a3277e72c35
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 376946c238392aaea4864d813fb42d9e1a0415eac20448a526e28f70c3f5f9b9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D351F0B1A087159FC748CF19D48055AFBE1FF88324F058A2EE899E3341D734E959CB9A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00595011 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                          • Opcode ID: 74cd97078976d413443546a5e6f1c41999260f7e4caf4087a6071dd61f1d0527
                                                                                                                                                                                                                                          • Instruction ID: b506b7d287cff550b18b33047066b7e54b8d13d2cef7621eb77dbef61e7151ef
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 74cd97078976d413443546a5e6f1c41999260f7e4caf4087a6071dd61f1d0527
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9031F2B1604B068FDB14EF28C85526ABFD0FB95300F10492DE8D6D7742E739E91ACB91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058F608 Relevance: 26.5, APIs: 12, Strings: 3, Instructions: 234COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0058F62E
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                            • Part of subcall function 005930F5: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,?,00000000,00000000,?,005C3070,?,0058EC48,00000000,?,00000050,005C3070), ref: 00593112
                                                                                                                                                                                                                                          • _strlen.LIBCMT ref: 0058F64F
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,005C0274,?), ref: 0058F6AF
                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 0058F6E9
                                                                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 0058F6F5
                                                                                                                                                                                                                                          • GetWindowLongW.USER32(?,000000F0), ref: 0058F795
                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 0058F7C2
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(?,?), ref: 0058F7FB
                                                                                                                                                                                                                                          • GetSystemMetrics.USER32(00000008), ref: 0058F803
                                                                                                                                                                                                                                          • GetWindow.USER32(?,00000005), ref: 0058F80E
                                                                                                                                                                                                                                          • GetWindowRect.USER32(00000000,?), ref: 0058F83B
                                                                                                                                                                                                                                          • GetWindow.USER32(00000000,00000002), ref: 0058F8AD
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Window$Rect$Text$ByteCharClientItemLongMetricsMultiSystemWide__vswprintf_c_l_strlen_swprintf
                                                                                                                                                                                                                                          • String ID: $%s:$CAPTION$d
                                                                                                                                                                                                                                          • API String ID: 2407758923-2512411981
                                                                                                                                                                                                                                          • Opcode ID: 3f3367ca6ed27f4016fb0a548380613a3eb8f4932229c0740ddd5a50847df053
                                                                                                                                                                                                                                          • Instruction ID: 6dce5157afd16a2df1406086ee0fc816e9e1c9a27591d2ee705c2395d3bfa5fc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3f3367ca6ed27f4016fb0a548380613a3eb8f4932229c0740ddd5a50847df053
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D5816F71108341AFD714DF68CD89B6BBBE9FB88718F04092DFA85E7291D670E809CB52
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ADCE2 Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 114COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ___free_lconv_mon.LIBCMT ref: 005ADD26
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD8DE
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD8F0
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD902
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD914
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD926
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD938
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD94A
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD95C
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD96E
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD980
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD992
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD9A4
                                                                                                                                                                                                                                            • Part of subcall function 005AD8C1: _free.LIBCMT ref: 005AD9B6
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD1B
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: RtlFreeHeap.NTDLL(00000000,00000000,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?), ref: 005AA680
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: GetLastError.KERNEL32(?,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?,?), ref: 005AA692
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD3D
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD52
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD5D
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD7F
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADD92
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADDA0
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADDAB
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADDE3
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADDEA
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADE07
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADE1F
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorFreeHeapLast___free_lconv_mon
                                                                                                                                                                                                                                          • String ID: h\
                                                                                                                                                                                                                                          • API String ID: 161543041-177923356
                                                                                                                                                                                                                                          • Opcode ID: a7bb3c36c7b1c884522d824ffddf87a4030b2ed0a2f498a1c21b05822ac813fb
                                                                                                                                                                                                                                          • Instruction ID: b28cbe3946bb7d2bb1162e92ea632cbd061b6b94f2bccfe0a7aa0bd5a6aa38be
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a7bb3c36c7b1c884522d824ffddf87a4030b2ed0a2f498a1c21b05822ac813fb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6E315932A003069FEB24AA38D849F5EBBF9FF92710F184429E04ADB551DB31AC40DB61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059E7EE Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 79windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetWindow.USER32(?,00000005), ref: 0059E811
                                                                                                                                                                                                                                          • GetClassNameW.USER32(00000000,?,00000800), ref: 0059E83D
                                                                                                                                                                                                                                            • Part of subcall function 00593316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0058D523,00000000,.exe,?,?,00000800,?,?,?,00599E5C), ref: 0059332C
                                                                                                                                                                                                                                          • GetWindowLongW.USER32(00000000,000000F0), ref: 0059E859
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000173,00000000,00000000), ref: 0059E870
                                                                                                                                                                                                                                          • GetObjectW.GDI32(00000000,00000018,?), ref: 0059E884
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000172,00000000,00000000), ref: 0059E8AD
                                                                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 0059E8B4
                                                                                                                                                                                                                                          • GetWindow.USER32(00000000,00000002), ref: 0059E8BD
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Window$MessageObjectSend$ClassCompareDeleteLongNameString
                                                                                                                                                                                                                                          • String ID: STATIC
                                                                                                                                                                                                                                          • API String ID: 3820355801-1882779555
                                                                                                                                                                                                                                          • Opcode ID: 647fa8370fb15038603d9e1108223d3d64fdbf4abf1ad06be9f557997a19596b
                                                                                                                                                                                                                                          • Instruction ID: c495401d490f7c32ef3545bc3e29bce60c571f1ffed97f2e5ae34b8bcc4788a8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 647fa8370fb15038603d9e1108223d3d64fdbf4abf1ad06be9f557997a19596b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CD11E7725407517BFA21A7B09C8EFAF3E5DBFA4714F000534FA81A90D2EB648D0A96B5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AA421 Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA435
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: RtlFreeHeap.NTDLL(00000000,00000000,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?), ref: 005AA680
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: GetLastError.KERNEL32(?,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?,?), ref: 005AA692
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA441
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA44C
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA457
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA462
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA46D
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA478
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA483
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA48E
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA49C
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 776569668-0
                                                                                                                                                                                                                                          • Opcode ID: ebedae6268964b75ea1e5f5dde5e83ad49d31679d22524fb520e05736512c985
                                                                                                                                                                                                                                          • Instruction ID: 564e4df945569ca98444a77ad6ddf057a71bcad6048a3dcae8dbce43b8f7c5fb
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ebedae6268964b75ea1e5f5dde5e83ad49d31679d22524fb520e05736512c985
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B311AF76900109AFCB05EF54C856C9D3FB5FF99750F0581A1FA088B222DB31EA51EF91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A3FC1 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 303COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CallFramesMatchNestedTypeUnexpectedUnwind_aborttype_info::operator==
                                                                                                                                                                                                                                          • String ID: csm$csm$csm
                                                                                                                                                                                                                                          • API String ID: 322700389-393685449
                                                                                                                                                                                                                                          • Opcode ID: cadc3431bfc805feb721ce93b33b37906e5d3632c4d8832057e02562dd2304d2
                                                                                                                                                                                                                                          • Instruction ID: f896c525b79ae01a548d8a48c3ecd6ca644e320457f98fdb881bb1c89f69123f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: cadc3431bfc805feb721ce93b33b37906e5d3632c4d8832057e02562dd2304d2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 42B1337580020AEBCF14DFA4C8859AEBFB5BF9A310F14455AF8016B212D7B1EA91CF91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059A6D1 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 126memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059A6F6
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059A796
                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?), ref: 0059A7A5
                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000003,?,00000000,00000000), ref: 0059A7C6
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$AllocByteCharGlobalMultiWide
                                                                                                                                                                                                                                          • String ID: </html>$<head><meta http-equiv="content-type" content="text/html; charset=$<html>$utf-8"></head>
                                                                                                                                                                                                                                          • API String ID: 1116704506-4209811716
                                                                                                                                                                                                                                          • Opcode ID: 59006a45c92fa6d619afc9f7a569df96c0a33a1f1d75ff565e7a3ad18c978856
                                                                                                                                                                                                                                          • Instruction ID: 1733820c604d313e97324fa623029ecee15f26a62168e8224b9b980fd5b719fd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 59006a45c92fa6d619afc9f7a569df96c0a33a1f1d75ff565e7a3ad18c978856
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D33117321047427EEB25ABA49C4AF6F7FA8FF92720F14011EF40196191FB64990982B6
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C7B0 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 98windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059C800
                                                                                                                                                                                                                                          • SendMessageW.USER32(?,00000080,00000001,00010447), ref: 0059C827
                                                                                                                                                                                                                                          • SendDlgItemMessageW.USER32(?,00000066,00000172,00000000,?), ref: 0059C840
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(?,?), ref: 0059C851
                                                                                                                                                                                                                                          • GetDlgItem.USER32(?,00000065), ref: 0059C85A
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000435,00000000,00010000), ref: 0059C86E
                                                                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000443,00000000,00000000), ref: 0059C884
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: MessageSend$Item$TextWindow$Dialog
                                                                                                                                                                                                                                          • String ID: LICENSEDLG
                                                                                                                                                                                                                                          • API String ID: 3214253823-2177901306
                                                                                                                                                                                                                                          • Opcode ID: 9bdad54a1f6c30185b8e3f716522ee7d6a1da84c2b1946e7efc7c657d6691120
                                                                                                                                                                                                                                          • Instruction ID: 65862d591ee27c204f2028eb10e27c0c024243338f85edb9df6cd616fca1a380
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9bdad54a1f6c30185b8e3f716522ee7d6a1da84c2b1946e7efc7c657d6691120
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6D21D6721406417BDA199B65EC8DF7B3F6CFB5A785F004418F680E90A0DB619C05E635
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B5D6 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 87COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058B5E2
                                                                                                                                                                                                                                            • Part of subcall function 00592701: GetSystemTime.KERNEL32(?), ref: 0059270F
                                                                                                                                                                                                                                            • Part of subcall function 00592701: SystemTimeToFileTime.KERNEL32(?,?), ref: 0059271D
                                                                                                                                                                                                                                            • Part of subcall function 005926AA: __aulldiv.LIBCMT ref: 005926B3
                                                                                                                                                                                                                                          • __aulldiv.LIBCMT ref: 0058B60E
                                                                                                                                                                                                                                          • GetCurrentProcessId.KERNEL32(00000000,?,000186A0,00000000,?,?,00000800,?), ref: 0058B615
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0058B640
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058B64A
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0058B6A0
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058B6AA
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Time_wcslen$System__aulldiv_swprintf$CurrentFileProcess__vswprintf_c_l
                                                                                                                                                                                                                                          • String ID: %u.%03u
                                                                                                                                                                                                                                          • API String ID: 2956649372-1114938957
                                                                                                                                                                                                                                          • Opcode ID: eb4cda610d20dc402a2eab7a9cf1bd34becf1b931c9cded2d339190323f4b707
                                                                                                                                                                                                                                          • Instruction ID: e4e2146a9d61ba9900bf21c60c3e287ddff62e03751cf7526df2aec7e5189596
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: eb4cda610d20dc402a2eab7a9cf1bd34becf1b931c9cded2d339190323f4b707
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 582162726043016FE614EB65CC89D9F7AECFBD5710F404929F945E7242EB30D9088BA1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059BC2B Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 68timeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FileTimeToSystemTime.KERNEL32(?,?), ref: 0059BC3F
                                                                                                                                                                                                                                          • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 0059BC50
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 0059BC5E
                                                                                                                                                                                                                                          • FileTimeToSystemTime.KERNEL32(?,?), ref: 0059BC6C
                                                                                                                                                                                                                                          • GetDateFormatW.KERNEL32(00000400,00000000,?,00000000,?,00000032), ref: 0059BC87
                                                                                                                                                                                                                                          • GetTimeFormatW.KERNEL32(00000400,?,?,00000000,?,00000032), ref: 0059BCAE
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059BCD4
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Time$System$File$Format$DateLocalSpecific_swprintf
                                                                                                                                                                                                                                          • String ID: %s %s
                                                                                                                                                                                                                                          • API String ID: 385609497-2939940506
                                                                                                                                                                                                                                          • Opcode ID: f5503d85bbc61ad325a48ad9c3f4df484421ed9984f2fe231ee14e5b8c634639
                                                                                                                                                                                                                                          • Instruction ID: 5c438b8eb646f39437e37a5fb5eef7ff76de2b9550e73003176d11cb4e7b76e5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f5503d85bbc61ad325a48ad9c3f4df484421ed9984f2fe231ee14e5b8c634639
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4421C5B294115DABEB619FA0EC48EEF3BACFF59304F140526FA05D2111E720AA49DB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A0ED0 Relevance: 13.7, APIs: 9, Instructions: 154memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000000,0058C43F,0058C441,00000000,00000000,2E8FE8AB,00000001,00000000,00000000,0058C32C,?,?,?,0058C43F,ROOT\CIMV2), ref: 005A0F59
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000000,0058C43F,?,00000000,00000000,?,?,?,?,?,0058C43F), ref: 005A0FD4
                                                                                                                                                                                                                                          • SysAllocString.OLEAUT32(00000000), ref: 005A0FDF
                                                                                                                                                                                                                                          • _com_issue_error.COMSUPP ref: 005A1008
                                                                                                                                                                                                                                          • _com_issue_error.COMSUPP ref: 005A1012
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(80070057,2E8FE8AB,00000001,00000000,00000000,0058C32C,?,?,?,0058C43F,ROOT\CIMV2), ref: 005A1017
                                                                                                                                                                                                                                          • _com_issue_error.COMSUPP ref: 005A102A
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(00000000,?,0058C43F,ROOT\CIMV2), ref: 005A1040
                                                                                                                                                                                                                                          • _com_issue_error.COMSUPP ref: 005A1053
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _com_issue_error$ByteCharErrorLastMultiWide$AllocString
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1353541977-0
                                                                                                                                                                                                                                          • Opcode ID: 066e5900c622ad81f9360f7d0f4d456d18689ded837714ecf63a157ce5370057
                                                                                                                                                                                                                                          • Instruction ID: 337d7f1a7a0c814016a87a4ad4af197a8323dc20b2f6d8b18e9962d57284e2a7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 066e5900c622ad81f9360f7d0f4d456d18689ded837714ecf63a157ce5370057
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 69411771A00615AFCB209F68DC49BAEBFA8FF4A710F108229F505E7281D735A944CBA5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058C3F7 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 210COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: H_prolog
                                                                                                                                                                                                                                          • String ID: Name$ROOT\CIMV2$SELECT * FROM Win32_OperatingSystem$WQL$Windows 10
                                                                                                                                                                                                                                          • API String ID: 3519838083-3505469590
                                                                                                                                                                                                                                          • Opcode ID: ff7ef0e248c6cd511ffce70932c75eafb481d9c496c7c1bcb96726bc44f171a2
                                                                                                                                                                                                                                          • Instruction ID: 1537b47ce3e512a8470c2923c6fe19e4fe7292edcdca3b204fbc412fc1dad354
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ff7ef0e248c6cd511ffce70932c75eafb481d9c496c7c1bcb96726bc44f171a2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 48714D75A002199FDF14EFA4C8949BFBFB9FF88710B140559E906B72A1CB30AD45DB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058A5E9 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 135fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 0058A5EE
                                                                                                                                                                                                                                          • GetLongPathNameW.KERNEL32(?,?,00000800), ref: 0058A611
                                                                                                                                                                                                                                          • GetShortPathNameW.KERNEL32(?,?,00000800), ref: 0058A630
                                                                                                                                                                                                                                            • Part of subcall function 0058D6A7: _wcslen.LIBCMT ref: 0058D6AF
                                                                                                                                                                                                                                            • Part of subcall function 00593316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0058D523,00000000,.exe,?,?,00000800,?,?,?,00599E5C), ref: 0059332C
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0058A6CC
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • MoveFileW.KERNEL32(?,?), ref: 0058A73B
                                                                                                                                                                                                                                          • MoveFileW.KERNEL32(?,?), ref: 0058A77B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileMoveNamePath$CompareH_prologLongShortString__vswprintf_c_l_swprintf_wcslen
                                                                                                                                                                                                                                          • String ID: rtmp%d
                                                                                                                                                                                                                                          • API String ID: 3726343395-3303766350
                                                                                                                                                                                                                                          • Opcode ID: 7d3b69fbcdce73ccf8f7d3ebb82ebbe802e2604cca3441c21c7230763dcb992f
                                                                                                                                                                                                                                          • Instruction ID: d2e3553cff0daeb136bd396b14d00f5a60f2aeb1e13312cfcb8348266f93a0c2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7d3b69fbcdce73ccf8f7d3ebb82ebbe802e2604cca3441c21c7230763dcb992f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F641217190056A66EF20BBA0CC49AEF7B7CFF95340F1404A6B945F3046EB349A85DF61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592538 Relevance: 12.1, APIs: 8, Instructions: 125timeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __aulldiv.LIBCMT ref: 0059254E
                                                                                                                                                                                                                                            • Part of subcall function 0058C619: GetVersionExW.KERNEL32(?), ref: 0058C63E
                                                                                                                                                                                                                                          • FileTimeToLocalFileTime.KERNEL32(00000003,00000000,00000003,?,00000064,00000000,00000000,00000001), ref: 00592571
                                                                                                                                                                                                                                          • FileTimeToSystemTime.KERNEL32(00000003,?,00000003,?,00000064,00000000,00000000,00000001), ref: 00592583
                                                                                                                                                                                                                                          • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 00592594
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 005925A4
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 005925B4
                                                                                                                                                                                                                                          • FileTimeToSystemTime.KERNEL32(?,?,?), ref: 005925EF
                                                                                                                                                                                                                                          • __aullrem.LIBCMT ref: 00592699
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Time$File$System$Local$SpecificVersion__aulldiv__aullrem
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1247370737-0
                                                                                                                                                                                                                                          • Opcode ID: 7e8653ae6ba41153ecc79467bf6ae0c3924aef6317d4571d7e8e28231c84f13a
                                                                                                                                                                                                                                          • Instruction ID: d4c48ef77b82ef9022e1a56e1785f0d0b7273ba18d4068acbde7d2b3952df1fd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e8653ae6ba41153ecc79467bf6ae0c3924aef6317d4571d7e8e28231c84f13a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 494117B1908306AFC750DF65C88496BBBE9FB98314F008A2EF596C2611E734E549DF62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059AD1E Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 183COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen
                                                                                                                                                                                                                                          • String ID: </p>$</style>$<br>$<style>$>
                                                                                                                                                                                                                                          • API String ID: 176396367-3568243669
                                                                                                                                                                                                                                          • Opcode ID: c6479dcbe03e4eeacf740c860dc5e2182ef22e576987dad352f1c44ecd7b7bb8
                                                                                                                                                                                                                                          • Instruction ID: 490873894c2169e8109f5e13c1f299388d387311983ecc8a47dfca483a438071
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c6479dcbe03e4eeacf740c860dc5e2182ef22e576987dad352f1c44ecd7b7bb8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A751176674036395DF305A288C117767BE4FFA5791FA8442BF9818B6C0FB658D4182F2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005B084D Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetConsoleCP.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,005B0FC2,00000000,00000000,00000000,00000000,00000000,005A65AD), ref: 005B088F
                                                                                                                                                                                                                                          • __fassign.LIBCMT ref: 005B090A
                                                                                                                                                                                                                                          • __fassign.LIBCMT ref: 005B0925
                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000001,00000000,00000005,00000000,00000000), ref: 005B094B
                                                                                                                                                                                                                                          • WriteFile.KERNEL32(?,00000000,00000000,005B0FC2,00000000,?,?,?,?,?,?,?,?,?,005B0FC2,00000000), ref: 005B096A
                                                                                                                                                                                                                                          • WriteFile.KERNEL32(?,00000000,00000001,005B0FC2,00000000,?,?,?,?,?,?,?,?,?,005B0FC2,00000000), ref: 005B09A3
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1324828854-0
                                                                                                                                                                                                                                          • Opcode ID: e1288ab012e11fb81eb6b6be22c5eebd05eaaf4d4ac3260e378bd1583dd24e9c
                                                                                                                                                                                                                                          • Instruction ID: 03d614f2560a899223668dac96c579783b9f1c2f8aef98e8a19eed27461ffd45
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e1288ab012e11fb81eb6b6be22c5eebd05eaaf4d4ac3260e378bd1583dd24e9c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4F519F71A00249AFDB10CFA8D885BEEBBF8FF19300F14511AE955E7292E730A945CB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A3A90 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 005A3AC7
                                                                                                                                                                                                                                          • ___except_validate_context_record.LIBVCRUNTIME ref: 005A3ACF
                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 005A3B58
                                                                                                                                                                                                                                          • __IsNonwritableInCurrentImage.LIBCMT ref: 005A3B83
                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 005A3BD8
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                          • String ID: csm
                                                                                                                                                                                                                                          • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                          • Opcode ID: df16a557b293ef6cd6b7abe07e933e0e2cbdbc0af0ebd0a770948d4708d36eec
                                                                                                                                                                                                                                          • Instruction ID: bfbd17cae32cdcd79310659eae84d2b357a08733cc64e33d4b947e48c95ca131
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: df16a557b293ef6cd6b7abe07e933e0e2cbdbc0af0ebd0a770948d4708d36eec
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5741A234A0021DAFCF10DF69C895A9EBFB5BF86328F148155F8185B292D771AE05CFA0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059AEF5 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • ShowWindow.USER32(?,00000000), ref: 0059AF0E
                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 0059AF64
                                                                                                                                                                                                                                          • ShowWindow.USER32(?,00000005,00000000), ref: 0059B001
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(?,00000000), ref: 0059B009
                                                                                                                                                                                                                                          • ShowWindow.USER32(00000000,00000005), ref: 0059B01F
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Window$Show$RectText
                                                                                                                                                                                                                                          • String ID: RarHtmlClassName
                                                                                                                                                                                                                                          • API String ID: 3937224194-1658105358
                                                                                                                                                                                                                                          • Opcode ID: 750d1505e47b1a8e7568c46f5e9fe3401c634d8c92487e17eba635aec194973c
                                                                                                                                                                                                                                          • Instruction ID: 28dda80c5e41d5c0239fffdcf59faaaf52da280099640096b6c44badd6b11c75
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 750d1505e47b1a8e7568c46f5e9fe3401c634d8c92487e17eba635aec194973c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2741DF76404204AFEF259F20DD8DB6B7FA8FB48304F144559F9895A052EB70E808DBA1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059A975 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 106COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen
                                                                                                                                                                                                                                          • String ID: $&nbsp;$<br>$<style>body{font-family:"Arial";font-size:12;}</style>
                                                                                                                                                                                                                                          • API String ID: 176396367-3743748572
                                                                                                                                                                                                                                          • Opcode ID: 9ae1e7bcd7cb7f04bae24d44f1a8a3f2bcb810276a25c98df87257e76c8193ef
                                                                                                                                                                                                                                          • Instruction ID: be5012a32fbc8dc999dff895d295b980e597147c77d26cd2f7b6470ed9561a35
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9ae1e7bcd7cb7f04bae24d44f1a8a3f2bcb810276a25c98df87257e76c8193ef
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CB313A326447059BEE34AA549C46B7E7BE4FB90320F60841EF98557280FA50AD84C3F7
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ADA64 Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005ADA28: _free.LIBCMT ref: 005ADA51
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADAB2
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: RtlFreeHeap.NTDLL(00000000,00000000,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?), ref: 005AA680
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: GetLastError.KERNEL32(?,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?,?), ref: 005AA692
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADABD
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADAC8
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADB1C
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADB27
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADB32
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADB3D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 776569668-0
                                                                                                                                                                                                                                          • Opcode ID: ed90a822092467ab948ce4ab8a4e5ff1fef504289117e408d2aed02f462530fb
                                                                                                                                                                                                                                          • Instruction ID: e241a9ba8e09e225540cbb45c947c664de3c3f09529bb6308e2d556e07619558
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ed90a822092467ab948ce4ab8a4e5ff1fef504289117e408d2aed02f462530fb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 12119A71944B05AAD620BBB1CC0BFCF7FBCBF92300F400C14B29BA6462DB34A4409B61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059F77A Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 45libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,?,0059F7F5,0059F758,0059F9F9), ref: 0059F791
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,AcquireSRWLockExclusive), ref: 0059F7A7
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,ReleaseSRWLockExclusive), ref: 0059F7BC
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$HandleModule
                                                                                                                                                                                                                                          • String ID: AcquireSRWLockExclusive$KERNEL32.DLL$ReleaseSRWLockExclusive
                                                                                                                                                                                                                                          • API String ID: 667068680-1718035505
                                                                                                                                                                                                                                          • Opcode ID: e56c0f1d135020262d4f88c957bad23f8cb0c38f18a5dd3555843d69dd4dbf89
                                                                                                                                                                                                                                          • Instruction ID: ef3c4dadab1193fad918bcad1d2a32a5a1a3a3eb46435b4ecbbe2bd077b6703f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e56c0f1d135020262d4f88c957bad23f8cb0c38f18a5dd3555843d69dd4dbf89
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2BF0F6317013225B9F755FF88DC85762FDCFA11395320083BEA51D7250D610DC49ABE0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592799 Relevance: 9.1, APIs: 6, Instructions: 98timeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 005927F1
                                                                                                                                                                                                                                            • Part of subcall function 0058C619: GetVersionExW.KERNEL32(?), ref: 0058C63E
                                                                                                                                                                                                                                          • LocalFileTimeToFileTime.KERNEL32(?,?), ref: 00592815
                                                                                                                                                                                                                                          • FileTimeToSystemTime.KERNEL32(?,?), ref: 0059282F
                                                                                                                                                                                                                                          • TzSpecificLocalTimeToSystemTime.KERNEL32(00000000,?,?), ref: 00592842
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 00592852
                                                                                                                                                                                                                                          • SystemTimeToFileTime.KERNEL32(?,?), ref: 00592862
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Time$File$System$Local$SpecificVersion
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2092733347-0
                                                                                                                                                                                                                                          • Opcode ID: 2bb5b02711a797fa59a98e5a8ec95796947a10fd405069b4335006c115270586
                                                                                                                                                                                                                                          • Instruction ID: 485e0bae6fff29fa5f50f27bf4f0cf73ee0d701a59dc47b29f5b532823b55dc7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2bb5b02711a797fa59a98e5a8ec95796947a10fd405069b4335006c115270586
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A4310979108316AFC704DFA8D88499BBBE8FF98754F005A1EF995C3210E730E549CBA6
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A3C8A Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,005A3C81,005A3A3C,005A0BF4), ref: 005A3C98
                                                                                                                                                                                                                                          • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 005A3CA6
                                                                                                                                                                                                                                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 005A3CBF
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(00000000,005A3C81,005A3A3C,005A0BF4), ref: 005A3D11
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3852720340-0
                                                                                                                                                                                                                                          • Opcode ID: dd672f61878b0317e553b579b49a71329b6fd7ec837592223944a17e0bc67fd0
                                                                                                                                                                                                                                          • Instruction ID: 32de8a8eefb24079efd313131f34922320612d346b0d91290a9236385aa753a7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dd672f61878b0317e553b579b49a71329b6fd7ec837592223944a17e0bc67fd0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7301D8321187229E976426B4BC8DA2F6FC8FF93778F201229F610651E1EF555C05AA80
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AA515 Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,005C30C4,005A5982,005C30C4,?,?,005A53FD,?,?,005C30C4), ref: 005AA519
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA54C
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA574
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(00000000,?,005C30C4), ref: 005AA581
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(00000000,?,005C30C4), ref: 005AA58D
                                                                                                                                                                                                                                          • _abort.LIBCMT ref: 005AA593
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorLast$_free$_abort
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3160817290-0
                                                                                                                                                                                                                                          • Opcode ID: c69b1348e523685ef09c48372b215afdb466112131472a3d9e5c8fbef2b57381
                                                                                                                                                                                                                                          • Instruction ID: e6936c284bdbf0259fa93938b342f79ca6ee31a4b0cf2c88bb1d8c50fbfda2b6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c69b1348e523685ef09c48372b215afdb466112131472a3d9e5c8fbef2b57381
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CBF0A936940502A7CA1633246C0EF2F1E66BBDB760F240214F65497292FF259905E95A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059ED8B Relevance: 9.0, APIs: 6, Instructions: 42windowsynchronizationCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • WaitForSingleObject.KERNEL32(?,0000000A), ref: 0059ED97
                                                                                                                                                                                                                                          • PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0059EDB1
                                                                                                                                                                                                                                          • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0059EDC2
                                                                                                                                                                                                                                          • TranslateMessage.USER32(?), ref: 0059EDCC
                                                                                                                                                                                                                                          • DispatchMessageW.USER32(?), ref: 0059EDD6
                                                                                                                                                                                                                                          • WaitForSingleObject.KERNEL32(?,0000000A), ref: 0059EDE1
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Message$ObjectSingleWait$DispatchPeekTranslate
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2148572870-0
                                                                                                                                                                                                                                          • Opcode ID: 957373e5197e9be757f26279c7eb03234e4df51f2f301156f8737e78c9fd9c69
                                                                                                                                                                                                                                          • Instruction ID: 04541399d631155fd8f67437918e566e37b8ffb70e6dcb5f4091e155d521e45e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 957373e5197e9be757f26279c7eb03234e4df51f2f301156f8737e78c9fd9c69
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C4F03C72A01229ABCF20ABA1EC4DDCF7F6CEF61355B108021B60AD6051E634954ADBE0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058D4D2 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 148COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00591907: _wcslen.LIBCMT ref: 0059190D
                                                                                                                                                                                                                                            • Part of subcall function 0058CD5C: _wcsrchr.LIBVCRUNTIME ref: 0058CD73
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058D5A4
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058D5EC
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$_wcsrchr
                                                                                                                                                                                                                                          • String ID: .exe$.rar$.sfx
                                                                                                                                                                                                                                          • API String ID: 3513545583-31770016
                                                                                                                                                                                                                                          • Opcode ID: 0cd12c5c7a4f5fda589543a9b84673728c8af79def72a84aa6c9811c531a3f0f
                                                                                                                                                                                                                                          • Instruction ID: 5dfe2d0aa5df77c5ed495fbf55e005c0611a8c57f19b1a1a000ecedc03335231
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0cd12c5c7a4f5fda589543a9b84673728c8af79def72a84aa6c9811c531a3f0f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8F41F22250072299CB35BB74885697B7FF8FF91748B10490FFC866B1C1E7609D8183B5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059DFCC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetTempPathW.KERNEL32(00000800,?), ref: 0059DFE2
                                                                                                                                                                                                                                            • Part of subcall function 0058CAA0: _wcslen.LIBCMT ref: 0058CAA6
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0059E016
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000066,005D2892), ref: 0059E036
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059E143
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: DialogItemPathTempText__vswprintf_c_l_swprintf_wcslen
                                                                                                                                                                                                                                          • String ID: %s%s%u
                                                                                                                                                                                                                                          • API String ID: 110358324-1360425832
                                                                                                                                                                                                                                          • Opcode ID: 5c35f4ca556a4a92ca4cf68e9f8f2388793b5ffdde22d3c4e183cd145dc2dfef
                                                                                                                                                                                                                                          • Instruction ID: dcfe77b602daa723432adec6fce25b5100143e98903d0d062a21e385aef1cb0f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5c35f4ca556a4a92ca4cf68e9f8f2388793b5ffdde22d3c4e183cd145dc2dfef
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FF417071900259AADF25DBA4CC4AEEE7BFCFB54304F4084A6F909A7051EF709A44DF61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058CF32 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 127COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058CF56
                                                                                                                                                                                                                                          • GetCurrentDirectoryW.KERNEL32(000007FF,?,?,?,?,00000000,?,?,0058B505,?,?,00000800,?,?,0058B4CA,?), ref: 0058CFF4
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0058D06A
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$CurrentDirectory
                                                                                                                                                                                                                                          • String ID: UNC$\\?\
                                                                                                                                                                                                                                          • API String ID: 3341907918-253988292
                                                                                                                                                                                                                                          • Opcode ID: e2815da5fffed43f75243a4e9b897e289a7034deb70ff6c546d1709fdc01a07e
                                                                                                                                                                                                                                          • Instruction ID: 3e8873854e4c6155efb70c9edf3022f2b4f25bc93cf3e433a2f0ba3d028b78ef
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e2815da5fffed43f75243a4e9b897e289a7034deb70ff6c546d1709fdc01a07e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A941813254422AEAEF21BF60DC49EEE7FB9BF85350F104425FC54B6181E770A9518B71
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005ADB48 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 110COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(?,00000000,62E85006,005A5AD4,00000000,00000000,005A6B09,?,kZ,?,00000001,005A5AD4,62E85006,00000001,005A6B09,005A6B09), ref: 005ADB95
                                                                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 005ADC1E
                                                                                                                                                                                                                                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 005ADC30
                                                                                                                                                                                                                                          • __freea.LIBCMT ref: 005ADC39
                                                                                                                                                                                                                                            • Part of subcall function 005AA7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,005A5594,?,0000015D,?,?,?,?,005A6A70,000000FF,00000000,?,?), ref: 005AA830
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharMultiWide$AllocateHeapStringType__freea
                                                                                                                                                                                                                                          • String ID: kZ
                                                                                                                                                                                                                                          • API String ID: 2652629310-4247250971
                                                                                                                                                                                                                                          • Opcode ID: 8e74a4f0b731c22d388d828db4e0969264685d9205395ac09dc2e07b26aafe0b
                                                                                                                                                                                                                                          • Instruction ID: f595b98a82cc29531da4308a77d09767af257e4b61aa637d60fd772e845f2dca
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8e74a4f0b731c22d388d828db4e0969264685d9205395ac09dc2e07b26aafe0b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4A31BC72A0020AABDF25AF68CC45EAE7FB5FF52320B454228FC0596190E735DD90DBA0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C8CD Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 58windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LoadBitmapW.USER32(00000065), ref: 0059C8DD
                                                                                                                                                                                                                                          • GetObjectW.GDI32(00000000,00000018,?), ref: 0059C902
                                                                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 0059C934
                                                                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 0059C957
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: FindResourceW.KERNEL32(?,PNG,00000000,?,?,?,0059C92D,00000066), ref: 0059B6E5
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: SizeofResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B6FC
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: LoadResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B713
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: LockResource.KERNEL32(00000000,?,?,?,0059C92D,00000066), ref: 0059B722
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: GlobalAlloc.KERNELBASE(00000002,00000000,?,?,?,?,?,0059C92D,00000066), ref: 0059B73D
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: GlobalLock.KERNEL32(00000000,?,?,?,?,?,0059C92D,00000066), ref: 0059B74E
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: GdipCreateHBITMAPFromBitmap.GDIPLUS(?,?,00FFFFFF), ref: 0059B7B7
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: GlobalUnlock.KERNEL32(00000000), ref: 0059B7D6
                                                                                                                                                                                                                                            • Part of subcall function 0059B6D2: GlobalFree.KERNEL32(00000000), ref: 0059B7DD
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: GlobalResource$Object$BitmapDeleteLoadLock$AllocCreateFindFreeFromGdipSizeofUnlock
                                                                                                                                                                                                                                          • String ID: ]
                                                                                                                                                                                                                                          • API String ID: 1428510222-3352871620
                                                                                                                                                                                                                                          • Opcode ID: dd2b95c5c82c945d631213142eac88128deb523930f9b813fdfdebd55efbdef7
                                                                                                                                                                                                                                          • Instruction ID: 7ddd399ec750cb0ddd5e5d0aefb1f2a98ba0fa9480c0c515fbef9278f980d9f3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dd2b95c5c82c945d631213142eac88128deb523930f9b813fdfdebd55efbdef7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 08014532500A1667EF117764AD4DA7F7E79BFD1B55F050010F840BB292EF709C0996E0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059E750 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059E79B
                                                                                                                                                                                                                                          • GetDlgItemTextW.USER32(?,00000068,00000800), ref: 0059E7B1
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000066,?), ref: 0059E7C5
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000068), ref: 0059E7D4
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                                          • String ID: RENAMEDLG
                                                                                                                                                                                                                                          • API String ID: 445417207-3299779563
                                                                                                                                                                                                                                          • Opcode ID: 92a49a557db1a67b4a0787227653f522602f618ddf38c1d035936b58286a32f4
                                                                                                                                                                                                                                          • Instruction ID: 1b4f98bc2cad931e6a2d9a86e139eaefe43ca48791da861b683ae82433a9a743
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 92a49a557db1a67b4a0787227653f522602f618ddf38c1d035936b58286a32f4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6C012832280790BAE618CBB49C8AF673F5DFB69701F100414F381AA0D0C6A26809D76A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A9235 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,005A91E6,?,?,005A9186,?,005BD570,0000000C,005A92DD,?,00000002), ref: 005A9255
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 005A9268
                                                                                                                                                                                                                                          • FreeLibrary.KERNEL32(00000000,?,?,?,005A91E6,?,?,005A9186,?,005BD570,0000000C,005A92DD,?,00000002,00000000), ref: 005A928B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                          • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                          • Opcode ID: 6ec1ca31d54547b7bb924d89fd4ee4434d2a70db89396587cc134e995664e0f3
                                                                                                                                                                                                                                          • Instruction ID: 562fbb331fb6e7c4318cd210571bc113fbbf06366f46fa0764239285c765596f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6ec1ca31d54547b7bb924d89fd4ee4434d2a70db89396587cc134e995664e0f3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4DF04F35A0021CBBDB659BA4DC49BEEBFB4FF48751F0042A8F905A61A1CB306E45DE90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005812F6 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 37COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 0058F608: _swprintf.LIBCMT ref: 0058F62E
                                                                                                                                                                                                                                            • Part of subcall function 0058F608: _strlen.LIBCMT ref: 0058F64F
                                                                                                                                                                                                                                            • Part of subcall function 0058F608: SetDlgItemTextW.USER32(?,005C0274,?), ref: 0058F6AF
                                                                                                                                                                                                                                            • Part of subcall function 0058F608: GetWindowRect.USER32(?,?), ref: 0058F6E9
                                                                                                                                                                                                                                            • Part of subcall function 0058F608: GetClientRect.USER32(?,?), ref: 0058F6F5
                                                                                                                                                                                                                                          • GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                          • SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ItemRectTextWindow$Client_strlen_swprintf
                                                                                                                                                                                                                                          • String ID: 0$p0\$p0\
                                                                                                                                                                                                                                          • API String ID: 2622349952-1724855945
                                                                                                                                                                                                                                          • Opcode ID: d23b7f5d68789ee0dd5d0bb25478275c3498749901744bdfd16dabed0cb98156
                                                                                                                                                                                                                                          • Instruction ID: 1eebd331d840412c6190f99525bd5b0bd019a677fef27697d6d9fa372aedfed8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d23b7f5d68789ee0dd5d0bb25478275c3498749901744bdfd16dabed0cb98156
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 33F03130100A88ABDF296E61880DBE93F9CBB55349F048924FD85744A1DB74C555FB14
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00590627 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00591B56
                                                                                                                                                                                                                                            • Part of subcall function 00591B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0059063A,Crypt32.dll,00000000,005906B4,00000200,?,00590697,00000000,00000000,?), ref: 00591B78
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,CryptProtectMemory), ref: 00590646
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(005CA1F0,CryptUnprotectMemory), ref: 00590656
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$DirectoryLibraryLoadSystem
                                                                                                                                                                                                                                          • String ID: Crypt32.dll$CryptProtectMemory$CryptUnprotectMemory
                                                                                                                                                                                                                                          • API String ID: 2141747552-1753850145
                                                                                                                                                                                                                                          • Opcode ID: a45c27f2e2a6de42ad6c31fa26e14a126381f819148211610b836ea7a1fec563
                                                                                                                                                                                                                                          • Instruction ID: dfda75bbf1f8bb83ada74001dfdb3ce45003b2a2af259c8f6806b8d671ce8586
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a45c27f2e2a6de42ad6c31fa26e14a126381f819148211610b836ea7a1fec563
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EEE04F708057215EDF306F78E948B467EE47F24700B00881DE28593192DBB4E4418F10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A3D6A Relevance: 7.7, APIs: 5, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AdjustPointer$_abort
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2252061734-0
                                                                                                                                                                                                                                          • Opcode ID: d46e7f9d786c7d51c4f96638fc247a7455efb458e46814a760db03da0fda6ccd
                                                                                                                                                                                                                                          • Instruction ID: 2c890f7c9730fd5f401a70023360368d8d4db0d2730a625feab70612a4c8117f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d46e7f9d786c7d51c4f96638fc247a7455efb458e46814a760db03da0fda6ccd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9E51D172A012029FDB298F55E845B7EBFA9FF86318F14452DF806572A1E771EE40CB90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AD0F0 Relevance: 7.6, APIs: 5, Instructions: 68COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetEnvironmentStringsW.KERNEL32 ref: 005AD0F9
                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005AD11C
                                                                                                                                                                                                                                            • Part of subcall function 005AA7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,005A5594,?,0000015D,?,?,?,?,005A6A70,000000FF,00000000,?,?), ref: 005AA830
                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000), ref: 005AD142
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AD155
                                                                                                                                                                                                                                          • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 005AD164
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharEnvironmentMultiStringsWide$AllocateFreeHeap_free
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 336800556-0
                                                                                                                                                                                                                                          • Opcode ID: a8234b5c0d456216f3d48af4d6bbabebb3796dede7476c535fa72cc6415468cf
                                                                                                                                                                                                                                          • Instruction ID: 658ad45cac5bd0d75f06df5edb5bd3e8c821efa485b8050fb9b7c097dd1ce7d8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a8234b5c0d456216f3d48af4d6bbabebb3796dede7476c535fa72cc6415468cf
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 96017172A012157F272166BA6C8CC7F6E7DFED3BE03140229F909C6601EB649C02D5B1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AA599 Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,005AA7F0,005AC348,?,005AA543,00000001,00000364,?,005A53FD,?,?,005C30C4), ref: 005AA59E
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA5D3
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AA5FA
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(00000000,?,005C30C4), ref: 005AA607
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(00000000,?,005C30C4), ref: 005AA610
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorLast$_free
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3170660625-0
                                                                                                                                                                                                                                          • Opcode ID: 3cdd16f20b6b36812ae0170d4d229ed6811725b800d3a601ab4f56a37e87a3b6
                                                                                                                                                                                                                                          • Instruction ID: 199a5d85b28144421a77cfadfd26a83475b22a0b8a772768792d31e787c2a5fe
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3cdd16f20b6b36812ae0170d4d229ed6811725b800d3a601ab4f56a37e87a3b6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 79017D3A940601A7872677356C4DD2F2D6AFBD73703280128F90593282FF308C05E86A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059220D Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005924EF: ResetEvent.KERNEL32(?), ref: 00592501
                                                                                                                                                                                                                                            • Part of subcall function 005924EF: ReleaseSemaphore.KERNEL32(?,00000000,00000000), ref: 00592515
                                                                                                                                                                                                                                          • ReleaseSemaphore.KERNEL32(?,00000040,00000000), ref: 00592241
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 0059225B
                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?), ref: 00592274
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 00592280
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 0059228C
                                                                                                                                                                                                                                            • Part of subcall function 00592303: WaitForSingleObject.KERNEL32(?,000000FF,00592420,?,?,0059249F,?,?,?,?,?,00592489), ref: 00592309
                                                                                                                                                                                                                                            • Part of subcall function 00592303: GetLastError.KERNEL32(?,?,0059249F,?,?,?,?,?,00592489), ref: 00592315
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseHandle$ReleaseSemaphore$CriticalDeleteErrorEventLastObjectResetSectionSingleWait
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1868215902-0
                                                                                                                                                                                                                                          • Opcode ID: 01e2cf4faa4af8f7b511dde4ddbebf14adaeeda1f18ec5a23bc665731c6e46f6
                                                                                                                                                                                                                                          • Instruction ID: 163118d0e85d260ba480abbc145210a336856469883ce01e7c8e838b23f132d9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 01e2cf4faa4af8f7b511dde4ddbebf14adaeeda1f18ec5a23bc665731c6e46f6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9F01B176004708EFCB32AB64DC88FC6BBA9FB08710F104A29F26A52161CB757A59DF50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AD9BF Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AD9D7
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: RtlFreeHeap.NTDLL(00000000,00000000,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?), ref: 005AA680
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: GetLastError.KERNEL32(?,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?,?), ref: 005AA692
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AD9E9
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005AD9FB
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADA0D
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005ADA1F
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 776569668-0
                                                                                                                                                                                                                                          • Opcode ID: 84eeba2cb8aeef92a67f0b55e14340ec353527ed01ba01d94346a3e2b2bfe6f9
                                                                                                                                                                                                                                          • Instruction ID: 1863ea983ef5bc715bdcc977565226924553e00877715f91556b32cb29d55c33
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 84eeba2cb8aeef92a67f0b55e14340ec353527ed01ba01d94346a3e2b2bfe6f9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 52F04F32944610EF8624EB64E586C1E7FFDBB96B107581C05F049D7950CB30FC809A64
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00593338 Relevance: 7.5, APIs: 5, Instructions: 39COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00593340
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00593351
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00593361
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 0059336F
                                                                                                                                                                                                                                          • CompareStringW.KERNEL32(00000400,00001001,?,?,?,?,00000000,00000000,?,0058C844,?,?,00000000,?,?,?), ref: 0059338A
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$CompareString
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3397213944-0
                                                                                                                                                                                                                                          • Opcode ID: 039d92aae7dfc9574d6d7fabd93dff5bd14387d85b583e3a4e23b728f4784e0e
                                                                                                                                                                                                                                          • Instruction ID: 61c7393d38aa5dcc640b260b8e1deabb11b0256b68f2637aa33c0aaf8e0e1447
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 039d92aae7dfc9574d6d7fabd93dff5bd14387d85b583e3a4e23b728f4784e0e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A4F01D32048115BFCF122FA1EC09CCE3F26FBD5761B158415FA195E162CA729665DA90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A9CD0 Relevance: 7.5, APIs: 5, Instructions: 30COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9CEE
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: RtlFreeHeap.NTDLL(00000000,00000000,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?), ref: 005AA680
                                                                                                                                                                                                                                            • Part of subcall function 005AA66A: GetLastError.KERNEL32(?,?,005ADA56,?,00000000,?,00000000,?,005ADA7D,?,00000007,?,?,005ADE7A,?,?), ref: 005AA692
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9D00
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9D13
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9D24
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9D35
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 776569668-0
                                                                                                                                                                                                                                          • Opcode ID: aaa09856e6f9143f5a8d118fb803476fce2aef77ea29241b317aa7954fe2fbc1
                                                                                                                                                                                                                                          • Instruction ID: 766182ee7d8790e41cecbb95670666cf29a6035540821f8c9529575ffaed4205
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: aaa09856e6f9143f5a8d118fb803476fce2aef77ea29241b317aa7954fe2fbc1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6FF01774C016A1CFCA09AF18BC8685C3FA6F7B6B207050606F5595B2B0C762084AFEC5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592948 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 197COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _swprintf
                                                                                                                                                                                                                                          • String ID: %ls$%s: %s
                                                                                                                                                                                                                                          • API String ID: 589789837-2259941744
                                                                                                                                                                                                                                          • Opcode ID: b479ec38a3c97c28c7acac5d8d834bb8ca5b52e27c467d6016fb82b45413742b
                                                                                                                                                                                                                                          • Instruction ID: 9e9e79af5dc2267aefd558ac3d9ea3645ab8bfa9a787683fbad1a782506160e5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b479ec38a3c97c28c7acac5d8d834bb8ca5b52e27c467d6016fb82b45413742b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5251E432688301FAEE252A948C06F757E9ABF15F41F204D06F787B40E5C6A1A590A717
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A9330 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetModuleFileNameA.KERNEL32(00000000,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe,00000104), ref: 005A9370
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A943B
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9445
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$FileModuleName
                                                                                                                                                                                                                                          • String ID: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop27.345.18448.11434.exe
                                                                                                                                                                                                                                          • API String ID: 2506810119-1264874625
                                                                                                                                                                                                                                          • Opcode ID: 3b7605ea4e87ac5e95856cedadcd003aa67346f5d29edc5e6a2cb7b995529bae
                                                                                                                                                                                                                                          • Instruction ID: 8f73ab4ed22095d229a901d8aecef0bfc49d602b2a2bb99c9567ed6ffbd8aa18
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3b7605ea4e87ac5e95856cedadcd003aa67346f5d29edc5e6a2cb7b995529bae
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D1318D71A00269EBCF259F9998859AEBFF8FBDA710B1040A6E5049B201D7708A45DB91
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A4366 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • EncodePointer.KERNEL32(00000000,?,00000000,1FFFFFFF), ref: 005A438B
                                                                                                                                                                                                                                          • _abort.LIBCMT ref: 005A4496
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: EncodePointer_abort
                                                                                                                                                                                                                                          • String ID: MOC$RCC
                                                                                                                                                                                                                                          • API String ID: 948111806-2084237596
                                                                                                                                                                                                                                          • Opcode ID: 0f760b8f3386d35f533a7d4804155b73b004a4bd68431c0803d16b59b9721f4b
                                                                                                                                                                                                                                          • Instruction ID: 1fe993c4758c8e5af986abb1aeaf016724dbc7290c5305f98d58097e95768568
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0f760b8f3386d35f533a7d4804155b73b004a4bd68431c0803d16b59b9721f4b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7F416871900209EFCF15DF98DC81AAEBFB5BF89304F148459FA0467222D375AA61DF50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00587F1B Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 92COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 00587F20
                                                                                                                                                                                                                                            • Part of subcall function 005842F1: __EH_prolog.LIBCMT ref: 005842F6
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,00000800,?,?,?,00000000,00000000), ref: 00587FE5
                                                                                                                                                                                                                                            • Part of subcall function 00588704: GetCurrentProcess.KERNEL32(00000020,?), ref: 00588713
                                                                                                                                                                                                                                            • Part of subcall function 00588704: GetLastError.KERNEL32 ref: 00588759
                                                                                                                                                                                                                                            • Part of subcall function 00588704: CloseHandle.KERNEL32(?), ref: 00588768
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorH_prologLast$CloseCurrentHandleProcess
                                                                                                                                                                                                                                          • String ID: SeRestorePrivilege$SeSecurityPrivilege
                                                                                                                                                                                                                                          • API String ID: 3813983858-639343689
                                                                                                                                                                                                                                          • Opcode ID: d3b0c2611f771892e36a3052a026e0d99b154cbc98be9dc674f99ae5a19de41f
                                                                                                                                                                                                                                          • Instruction ID: 14edf9a44fb69f895c5ad433b7fbe70b48fa18168220f2cfd1a1ff66e8aa88d6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d3b0c2611f771892e36a3052a026e0d99b154cbc98be9dc674f99ae5a19de41f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F231DF31940249AEEF20FBA49849BFE7FA8FB58354F104025FD04F6192DB749A48DB61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059BDE0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059BE68
                                                                                                                                                                                                                                          • GetDlgItemTextW.USER32(?,00000066,?,?), ref: 0059BE7D
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000066,?), ref: 0059BE92
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                                          • String ID: ASKNEXTVOL
                                                                                                                                                                                                                                          • API String ID: 445417207-3402441367
                                                                                                                                                                                                                                          • Opcode ID: 70a9d57627549b9d894776fe1f8f21972067c20f69bd063bebe9b7c09082ce2d
                                                                                                                                                                                                                                          • Instruction ID: 7445a39513a7bd3002a3c23e84b2d35051b78b2c3c9898bd7085cb462429ce09
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 70a9d57627549b9d894776fe1f8f21972067c20f69bd063bebe9b7c09082ce2d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7011DF32600125AFFB159B68EE8DFA63FADFB5A740F100404F780AB0B4C7629909A765
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058EC0C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 67COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __fprintf_l.LIBCMT ref: 0058EC74
                                                                                                                                                                                                                                          • _strncpy.LIBCMT ref: 0058ECBA
                                                                                                                                                                                                                                            • Part of subcall function 005930F5: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,?,00000000,00000000,?,005C3070,?,0058EC48,00000000,?,00000050,005C3070), ref: 00593112
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharMultiWide__fprintf_l_strncpy
                                                                                                                                                                                                                                          • String ID: $%s$@%s
                                                                                                                                                                                                                                          • API String ID: 562999700-834177443
                                                                                                                                                                                                                                          • Opcode ID: 56aae59d9739200188356aa1e7a85c61db17f6c389be425bbe63464418503497
                                                                                                                                                                                                                                          • Instruction ID: f982bdec852bd317c4c8e52eb446cd97337abb954c0a4f7178076f61f47c4fb9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 56aae59d9739200188356aa1e7a85c61db17f6c389be425bbe63464418503497
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0D216D7294021DAEEF20EEA4CD47FEE3FB8BF05700F140526FD11A61A2E671EA448B51
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592166 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 63COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(00000320,00000000,?,?,?,0058C04A,00000008,?,00000000,?,0058E685,?,00000000), ref: 005921A5
                                                                                                                                                                                                                                          • CreateSemaphoreW.KERNEL32(00000000,00000000,00000040,00000000,?,?,?,0058C04A,00000008,?,00000000,?,0058E685,?,00000000), ref: 005921AF
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32(00000000,00000001,00000001,00000000,?,?,?,0058C04A,00000008,?,00000000,?,0058E685,?,00000000), ref: 005921BF
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • Thread pool initialization failed., xrefs: 005921D7
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Create$CriticalEventInitializeSectionSemaphore
                                                                                                                                                                                                                                          • String ID: Thread pool initialization failed.
                                                                                                                                                                                                                                          • API String ID: 3340455307-2182114853
                                                                                                                                                                                                                                          • Opcode ID: 73208eaac46ded1886d0f6860b9852cb6e9da34d6baaf1ef8734222964e288c9
                                                                                                                                                                                                                                          • Instruction ID: 1b848d977a4a0287f1725d4a6c727c6377d14d34fff46fd5f036b7331f02f680
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 73208eaac46ded1886d0f6860b9852cb6e9da34d6baaf1ef8734222964e288c9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 431194B1604709AFC7215F6A9C88AA7FFDCFB65344F60482EF6D6C6201D6716940DB60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059C460 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: GetDlgItem.USER32(00000000,00003021), ref: 0058133A
                                                                                                                                                                                                                                            • Part of subcall function 005812F6: SetWindowTextW.USER32(00000000,005B45F4), ref: 00581350
                                                                                                                                                                                                                                          • EndDialog.USER32(?,00000001), ref: 0059C4AE
                                                                                                                                                                                                                                          • GetDlgItemTextW.USER32(?,00000066,?,00000200), ref: 0059C4C6
                                                                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000067,?), ref: 0059C4F4
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                                          • String ID: GETPASSWORD1
                                                                                                                                                                                                                                          • API String ID: 445417207-3292211884
                                                                                                                                                                                                                                          • Opcode ID: a5fd18d1825c6e1ae1f334945910b361353ff45f3a660e6bfd815b386db67b05
                                                                                                                                                                                                                                          • Instruction ID: 470af4fdb7c9bab4eb3307e43fd0fa53c4f5d4a8151368913bce45c31530a29f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a5fd18d1825c6e1ae1f334945910b361353ff45f3a660e6bfd815b386db67b05
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A511A172A001197AEF249A649C99FFA3F6DFB46715F000421FB4AF61C0C275A9069664
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059EE2D Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 46COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: RENAMEDLG$REPLACEFILEDLG
                                                                                                                                                                                                                                          • API String ID: 0-56093855
                                                                                                                                                                                                                                          • Opcode ID: 8d22fc99b8039d024d5a604f9a427c584f02145206a26586bf0c9e2a36e495ab
                                                                                                                                                                                                                                          • Instruction ID: b7e392793468462d75d474145285201ac7a173f1e2974b48e68147cad2e5b6b4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8d22fc99b8039d024d5a604f9a427c584f02145206a26586bf0c9e2a36e495ab
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 09019E72604648AFCF159F29EC89E667FECF725388B140425F94593270D2719C58EBA1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00584957 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 34COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • std::_Xinvalid_argument.LIBCPMT ref: 0058495C
                                                                                                                                                                                                                                            • Part of subcall function 0059FD1D: std::invalid_argument::invalid_argument.LIBCONCRT ref: 0059FD29
                                                                                                                                                                                                                                            • Part of subcall function 0059FD1D: ___delayLoadHelper2@8.DELAYIMP ref: 0059FD4F
                                                                                                                                                                                                                                          • std::_Xinvalid_argument.LIBCPMT ref: 00584967
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Xinvalid_argumentstd::_$Helper2@8Load___delaystd::invalid_argument::invalid_argument
                                                                                                                                                                                                                                          • String ID: string too long$vector too long
                                                                                                                                                                                                                                          • API String ID: 2355824318-1617939282
                                                                                                                                                                                                                                          • Opcode ID: 0c4166bcce30e26313618f0343c1e5fb5824cfcac359381b3c8046658e0f24d7
                                                                                                                                                                                                                                          • Instruction ID: 3f8facb8edf41bc66975ba1caa32f17b6941708f9a13a5b4f47742cbc09c310f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0c4166bcce30e26313618f0343c1e5fb5824cfcac359381b3c8046658e0f24d7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71F012313003156B8634AE59EC4584BBBE9FF85B507610916EE45E3602D7B0B9048FB5
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005AABDA Relevance: 6.3, APIs: 4, Instructions: 305COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __alldvrm$_strrchr
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1036877536-0
                                                                                                                                                                                                                                          • Opcode ID: 11928e2537a4dd367eb88350d438216194463e35c46b68634b5d5fb98095dd98
                                                                                                                                                                                                                                          • Instruction ID: fd4bbc738b45f8cc455592a72f6960021fc17686ca3c7d40f5e8c766cba74cb3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 11928e2537a4dd367eb88350d438216194463e35c46b68634b5d5fb98095dd98
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9CA11472A003869FEB22CF18C8917AEBFE9FF56310F18456DE4859B282D7389D41C752
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058B74D Relevance: 6.1, APIs: 4, Instructions: 127filetimeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,40000000,00000003,00000000,00000003,02000000,00000000,?,?,?,00000800,?,00588D5C,?,?,?), ref: 0058B7F3
                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,40000000,00000003,00000000,00000003,02000000,00000000,?,?,00000800,?,00000800,?,00588D5C,?,?), ref: 0058B837
                                                                                                                                                                                                                                          • SetFileTime.KERNEL32(?,00588AEC,?,00000000,?,00000800,?,00588D5C,?,?,?,?,?,?,?,?), ref: 0058B8B8
                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?,?,00000800,?,00588D5C,?,?,?,?,?,?,?,?,?,?), ref: 0058B8BF
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Create$CloseHandleTime
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2287278272-0
                                                                                                                                                                                                                                          • Opcode ID: 3dacd4d40999bf61f1e8989c3c5cfa1129b32207dac1fc03abce73571036dd20
                                                                                                                                                                                                                                          • Instruction ID: 7849b243688671a115ee6acae7aead73a0cd612b2d83cef00d63730041e4c205
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3dacd4d40999bf61f1e8989c3c5cfa1129b32207dac1fc03abce73571036dd20
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3641BE31248381AAF731EE24DC55BAABFECABD5300F08091DF9D1E7191D764AA48DB52
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005810E0 Relevance: 6.1, APIs: 4, Instructions: 119COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 176396367-0
                                                                                                                                                                                                                                          • Opcode ID: cf88458779f8ed95b731dcee1e91eda35a3b6eb68e9af34f9b4ad200ff655e3b
                                                                                                                                                                                                                                          • Instruction ID: 88310c1c5759cb95d45e2bd37b22808ec8186be77f614fa45042745cb826a214
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: cf88458779f8ed95b731dcee1e91eda35a3b6eb68e9af34f9b4ad200ff655e3b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C7419271900A669BCB25ABA89C4D9EEBF7CFF55310F000029FD45FB245DA30AD498BA4
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058851F Relevance: 6.1, APIs: 4, Instructions: 118COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00588532
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00588558
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 005885EF
                                                                                                                                                                                                                                          • _wcslen.LIBCMT ref: 00588657
                                                                                                                                                                                                                                            • Part of subcall function 0058B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0058B991
                                                                                                                                                                                                                                            • Part of subcall function 0058B41F: RemoveDirectoryW.KERNEL32(?,?,?,00588649,?), ref: 0058B430
                                                                                                                                                                                                                                            • Part of subcall function 0058B41F: RemoveDirectoryW.KERNEL32(?,?,?,00000800,?,00588649,?), ref: 0058B45E
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _wcslen$DirectoryRemove$CloseFind
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 973666142-0
                                                                                                                                                                                                                                          • Opcode ID: e0f50f7b53dfb6e5f5ef76ba58ffa1aa3b18ce34434ecafa38cc78c1fb134bab
                                                                                                                                                                                                                                          • Instruction ID: de671d68eb2a3da7470e7b6a484d446b66dbd2fc11d803a25e5d6779e23f06f5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e0f50f7b53dfb6e5f5ef76ba58ffa1aa3b18ce34434ecafa38cc78c1fb134bab
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F6319172900259AACF21BB608C49BFE3B69FF95380F4448A5FD45B7146EF70DE848B90
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059B673 Relevance: 6.0, APIs: 4, Instructions: 19COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetDC.USER32(00000000), ref: 0059B676
                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,00000058), ref: 0059B685
                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000005A), ref: 0059B693
                                                                                                                                                                                                                                          • ReleaseDC.USER32(00000000,00000000), ref: 0059B6A1
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CapsDevice$Release
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1035833867-0
                                                                                                                                                                                                                                          • Opcode ID: 30d8c233ce231cf112e121aea53100ed4c41075313787e2e568e598627a593bb
                                                                                                                                                                                                                                          • Instruction ID: 2b45a620102b5eebdb6a2ff6dc841128bbd06c968b50f49e7fb3b41d8a66c52a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 30d8c233ce231cf112e121aea53100ed4c41075313787e2e568e598627a593bb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 67E0EC31985EA4ABDB281F61BC9DB9A3F54AB2571AF040005F6819A190EAF0440CAFD1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059B81C Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 238COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 0059B6A9: GetDC.USER32(00000000), ref: 0059B6AD
                                                                                                                                                                                                                                            • Part of subcall function 0059B6A9: GetDeviceCaps.GDI32(00000000,0000000C), ref: 0059B6B8
                                                                                                                                                                                                                                            • Part of subcall function 0059B6A9: ReleaseDC.USER32(00000000,00000000), ref: 0059B6C3
                                                                                                                                                                                                                                          • GetObjectW.GDI32(?,00000018,?), ref: 0059B84C
                                                                                                                                                                                                                                            • Part of subcall function 0059BADE: GetDC.USER32(00000000), ref: 0059BAE7
                                                                                                                                                                                                                                            • Part of subcall function 0059BADE: GetObjectW.GDI32(?,00000018,?), ref: 0059BB16
                                                                                                                                                                                                                                            • Part of subcall function 0059BADE: ReleaseDC.USER32(00000000,?), ref: 0059BBAE
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ObjectRelease$CapsDevice
                                                                                                                                                                                                                                          • String ID: (
                                                                                                                                                                                                                                          • API String ID: 1061551593-3887548279
                                                                                                                                                                                                                                          • Opcode ID: 3c636bc7de67696bf3c7c0e358b6a49877b063535afea74240914590dfe2b650
                                                                                                                                                                                                                                          • Instruction ID: 40c34afa66490f717fe92199581f097fcbfb3806623d860611ac9e841681fab0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3c636bc7de67696bf3c7c0e358b6a49877b063535afea74240914590dfe2b650
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7391F275604350AFEA60DF25D848A2BBBE8FFD9704F00491EF59AD7260DB30A805DF62
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005880BE Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 138timeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __EH_prolog.LIBCMT ref: 005880C3
                                                                                                                                                                                                                                            • Part of subcall function 00591907: _wcslen.LIBCMT ref: 0059190D
                                                                                                                                                                                                                                            • Part of subcall function 0058B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0058B991
                                                                                                                                                                                                                                          • SetFileTime.KERNEL32(?,?,?,?,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 00588262
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B8FA
                                                                                                                                                                                                                                            • Part of subcall function 0058B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0058B5B5,?,?,?,0058B405,?,00000001,00000000,?,?), ref: 0058B92B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Attributes$CloseFindH_prologTime_wcslen
                                                                                                                                                                                                                                          • String ID: :
                                                                                                                                                                                                                                          • API String ID: 3226429890-336475711
                                                                                                                                                                                                                                          • Opcode ID: d470ff41f77445ab37e799d4f3e0965e06bbad4e22807d7d18ac5f657bdfa36e
                                                                                                                                                                                                                                          • Instruction ID: c7a96cb83a7fbf26c69f4ab489b969c9fb090aebc76191876820f73044ab069c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d470ff41f77445ab37e799d4f3e0965e06bbad4e22807d7d18ac5f657bdfa36e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2A515171800519AAEB24FB60CC5AEEE7B7DFF85300F504095BA06B6092DB745F85CF61
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0059069C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 67COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00590627: GetProcAddress.KERNEL32(00000000,CryptProtectMemory), ref: 00590646
                                                                                                                                                                                                                                            • Part of subcall function 00590627: GetProcAddress.KERNEL32(005CA1F0,CryptUnprotectMemory), ref: 00590656
                                                                                                                                                                                                                                          • GetCurrentProcessId.KERNEL32(?,00000200,?,00590697), ref: 0059072A
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • CryptProtectMemory failed, xrefs: 005906E1
                                                                                                                                                                                                                                          • CryptUnprotectMemory failed, xrefs: 00590722
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$CurrentProcess
                                                                                                                                                                                                                                          • String ID: CryptProtectMemory failed$CryptUnprotectMemory failed
                                                                                                                                                                                                                                          • API String ID: 2190909847-396321323
                                                                                                                                                                                                                                          • Opcode ID: 3d58a6b64b4ceedb6f9769c9546635a4dca964da2db787ba82276e9b404ea743
                                                                                                                                                                                                                                          • Instruction ID: 7342b305b21c5988dd4e6a0672d820cc6e405d3764925ca15ddca688170340a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3d58a6b64b4ceedb6f9769c9546635a4dca964da2db787ba82276e9b404ea743
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F5115132A00629AFCF216F60DC48A6E3F54FF50764B044105FC006B2D2D730AC80DE95
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058CDC0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _swprintf.LIBCMT ref: 0058CDE7
                                                                                                                                                                                                                                            • Part of subcall function 00584A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00584A33
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __vswprintf_c_l_swprintf
                                                                                                                                                                                                                                          • String ID: %c:\
                                                                                                                                                                                                                                          • API String ID: 1543624204-3142399695
                                                                                                                                                                                                                                          • Opcode ID: 5027aa6c8eac82898e3cbeb36480687f9b442196a68ff8a50f1d3eb80083aae8
                                                                                                                                                                                                                                          • Instruction ID: a2b0dfd682db44e58ba3cc5253094a973e51bdd46af7349db44cc01442b9c486
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5027aa6c8eac82898e3cbeb36480687f9b442196a68ff8a50f1d3eb80083aae8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9501F9635047127ADA317B699C8AD6BAFACFFD6370B40481AFC45E6082EA30D440C3B1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A0D7C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 005A0DBD
                                                                                                                                                                                                                                          • ___raise_securityfailure.LIBCMT ref: 005A0EA5
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FeaturePresentProcessor___raise_securityfailure
                                                                                                                                                                                                                                          • String ID: x=^
                                                                                                                                                                                                                                          • API String ID: 3761405300-1134089399
                                                                                                                                                                                                                                          • Opcode ID: 2893739965302879e13df4b44b5982fec4e7f9b76d4d10f98801dfb237baef40
                                                                                                                                                                                                                                          • Instruction ID: 5013a454f04c47fadd34b99e0d8954ed2d16c53f06f6ab3c3ae14b6ffb496a89
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2893739965302879e13df4b44b5982fec4e7f9b76d4d10f98801dfb237baef40
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DA21EBB6510380EED718CF15EDCA6547BF8FB68754F14506AE5848F2A0D3B0AA88EF40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 005A962A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 33COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 005AD0F0: GetEnvironmentStringsW.KERNEL32 ref: 005AD0F9
                                                                                                                                                                                                                                            • Part of subcall function 005AD0F0: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005AD11C
                                                                                                                                                                                                                                            • Part of subcall function 005AD0F0: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000), ref: 005AD142
                                                                                                                                                                                                                                            • Part of subcall function 005AD0F0: _free.LIBCMT ref: 005AD155
                                                                                                                                                                                                                                            • Part of subcall function 005AD0F0: FreeEnvironmentStringsW.KERNEL32(00000000), ref: 005AD164
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9670
                                                                                                                                                                                                                                          • _free.LIBCMT ref: 005A9677
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _free$ByteCharEnvironmentMultiStringsWide$Free
                                                                                                                                                                                                                                          • String ID: hB^
                                                                                                                                                                                                                                          • API String ID: 400815659-4145615614
                                                                                                                                                                                                                                          • Opcode ID: 69384a22684edbc1f60d3f4d70233fcd3e9cea314eeae59d60ba50536a137eea
                                                                                                                                                                                                                                          • Instruction ID: ab6a0aa6fccb114aef3fa83b26edc44b5df3e01a66118be2abc4259bb5c2f3be
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 69384a22684edbc1f60d3f4d70233fcd3e9cea314eeae59d60ba50536a137eea
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0DE02257E0A56245DB7A367F2C1AA6F1E447FD3730F220316FA25DB2C2DF548C0254AA
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058F968 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LoadStringW.USER32(0058771D,?,005813BC,0058771D), ref: 0058F998
                                                                                                                                                                                                                                          • LoadStringW.USER32(0058771D,?,005813BC), ref: 0058F9AF
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: LoadString
                                                                                                                                                                                                                                          • String ID: p0\
                                                                                                                                                                                                                                          • API String ID: 2948472770-371956334
                                                                                                                                                                                                                                          • Opcode ID: c55a8999c109725b42dcd63593c50a55d158ab775899c781daa793336e8dccba
                                                                                                                                                                                                                                          • Instruction ID: 8ac599d5f556a159d3c226b6c5f319a6636dc61efe45accd467befd6b9bb7d06
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c55a8999c109725b42dcd63593c50a55d158ab775899c781daa793336e8dccba
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BAF07A36100159BBDF155F55DC09DAA7F69FF192917008425FD44A6120D6328D64EBA0
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00592303 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19synchronizationCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • WaitForSingleObject.KERNEL32(?,000000FF,00592420,?,?,0059249F,?,?,?,?,?,00592489), ref: 00592309
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,0059249F,?,?,?,?,?,00592489), ref: 00592315
                                                                                                                                                                                                                                            • Part of subcall function 005876E9: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00587707
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • WaitForMultipleObjects error %d, GetLastError %d, xrefs: 0059231E
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorLastObjectSingleWait__vswprintf_c_l
                                                                                                                                                                                                                                          • String ID: WaitForMultipleObjects error %d, GetLastError %d
                                                                                                                                                                                                                                          • API String ID: 1091760877-2248577382
                                                                                                                                                                                                                                          • Opcode ID: 8aae6184c6e1ee3447bf7324ed17f23fdbd9510998b2fa46cd8b2f0e362cd2f0
                                                                                                                                                                                                                                          • Instruction ID: dc789c5ec0804840a699010e0aedd0cdc0fc4caa52d16fdcdc73de6644aaa2a4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8aae6184c6e1ee3447bf7324ed17f23fdbd9510998b2fa46cd8b2f0e362cd2f0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A0D02B3340C42937CA1133686C0EDAE3C04BF71330F304B04F635652F1EA60094146A2
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 0058F5BE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 13COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(00000000,?,0058ED75,?), ref: 0058F5C3
                                                                                                                                                                                                                                          • FindResourceW.KERNEL32(00000000,RTL,00000005,?,0058ED75,?), ref: 0058F5D1
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1692832201.0000000000581000.00000020.00000001.01000000.00000003.sdmp, Offset: 00580000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692789553.0000000000580000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692912861.00000000005B4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005C7000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005DF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1692956938.00000000005E4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1694701143.00000000005E5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_580000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FindHandleModuleResource
                                                                                                                                                                                                                                          • String ID: RTL
                                                                                                                                                                                                                                          • API String ID: 3537982541-834975271
                                                                                                                                                                                                                                          • Opcode ID: 408393acab8e86840c3cfa10f900a0b88b3705a3c11afbece73ece92ee8c8e27
                                                                                                                                                                                                                                          • Instruction ID: eb13672269c9a5d4e6fa2791a800d7aa989a4e46352ed75bde5e0b3294ceafec
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 408393acab8e86840c3cfa10f900a0b88b3705a3c11afbece73ece92ee8c8e27
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 10C0123124435456DA7037716C0DB932F986B10715F050558B601DE1C2DAE5E8448B60
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                          Execution Coverage:11.8%
                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                          Signature Coverage:2.1%
                                                                                                                                                                                                                                          Total number of Nodes:2000
                                                                                                                                                                                                                                          Total number of Limit Nodes:51
                                                                                                                                                                                                                                          execution_graph 30784 7ff61d38f280 30835 7ff61d3afac0 30784->30835 30787 7ff61d38f2e1 30837 7ff61d38f640 30787->30837 30789 7ff61d38f324 __scrt_get_show_window_mode 30790 7ff61d38f338 RegOpenKeyExW 30789->30790 30791 7ff61d38f36e RegQueryValueExW RegCloseKey 30790->30791 30792 7ff61d38f3b9 30790->30792 30791->30792 30834 7ff61d38f58f 30792->30834 30882 7ff61d3819d0 30792->30882 30797 7ff61d381810 2 API calls 30798 7ff61d38f633 30797->30798 30801 7ff61d381810 2 API calls 30798->30801 30799 7ff61d38f40c 30929 7ff61d3826a0 30799->30929 30800 7ff61d38f3fd 30928 7ff61d3823c0 56 API calls wmemcpy_s 30800->30928 30803 7ff61d38f63e 30801->30803 30804 7ff61d38f40a 30806 7ff61d3819d0 57 API calls 30804->30806 30807 7ff61d38f432 30806->30807 30807->30798 30808 7ff61d38f46e 30807->30808 30809 7ff61d38f45f 30807->30809 30811 7ff61d3826a0 49 API calls 30808->30811 30951 7ff61d3823c0 56 API calls wmemcpy_s 30809->30951 30814 7ff61d38f46c 30811->30814 30812 7ff61d38f61d 30813 7ff61d381810 2 API calls 30812->30813 30818 7ff61d38f628 30813->30818 30814->30812 30815 7ff61d38f4b8 30814->30815 30952 7ff61d382630 30814->30952 30898 7ff61d3bad00 30815->30898 30818->30797 30820 7ff61d38f507 30822 7ff61d3bad00 54 API calls 30820->30822 30821 7ff61d382630 49 API calls 30821->30820 30823 7ff61d38f51a 30822->30823 30823->30812 30824 7ff61d3819d0 57 API calls 30823->30824 30825 7ff61d38f530 30824->30825 30826 7ff61d38f613 30825->30826 30827 7ff61d38f53c 30825->30827 30975 7ff61d381810 30826->30975 30904 7ff61d3829a0 30827->30904 30966 7ff61d3af660 30834->30966 30836 7ff61d38f2a6 GetModuleHandleW GetModuleFileNameW 30835->30836 30836->30787 30838 7ff61d3afac0 30837->30838 30839 7ff61d38f666 GetModuleHandleW GetModuleFileNameW 30838->30839 30840 7ff61d38f6a1 __scrt_get_show_window_mode 30839->30840 30841 7ff61d38f6f3 GetEnvironmentVariableW RegOpenKeyExW 30840->30841 30842 7ff61d38f78e 30841->30842 30843 7ff61d38f743 RegQueryValueExW RegCloseKey 30841->30843 30844 7ff61d3819d0 57 API calls 30842->30844 30881 7ff61d38f932 30842->30881 30843->30842 30846 7ff61d38f7a1 30844->30846 30845 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 30847 7ff61d38f97a 30845->30847 30850 7ff61d38f7e1 30846->30850 30851 7ff61d38f7d2 30846->30851 30864 7ff61d38f9ac 30846->30864 30847->30789 30848 7ff61d381810 2 API calls 30849 7ff61d38f9b7 30848->30849 30853 7ff61d3826a0 49 API calls 30850->30853 30979 7ff61d3823c0 56 API calls wmemcpy_s 30851->30979 30854 7ff61d38f7df 30853->30854 30855 7ff61d3819d0 57 API calls 30854->30855 30856 7ff61d38f81b 30855->30856 30857 7ff61d38f997 30856->30857 30860 7ff61d38f827 30856->30860 30858 7ff61d381810 2 API calls 30857->30858 30859 7ff61d38f9a1 30858->30859 30862 7ff61d381810 2 API calls 30859->30862 30861 7ff61d3829a0 68 API calls 30860->30861 30863 7ff61d38f84c 30861->30863 30862->30864 30865 7ff61d383ab0 49 API calls 30863->30865 30864->30848 30866 7ff61d38f865 30865->30866 30867 7ff61d383ab0 49 API calls 30866->30867 30868 7ff61d38f87b 30867->30868 30868->30859 30869 7ff61d38f8a1 30868->30869 30870 7ff61d382630 49 API calls 30868->30870 30871 7ff61d3bad00 54 API calls 30869->30871 30870->30869 30872 7ff61d38f8b4 30871->30872 30872->30859 30873 7ff61d38f8bd 30872->30873 30874 7ff61d383ab0 49 API calls 30873->30874 30875 7ff61d38f8d9 30874->30875 30876 7ff61d383ab0 49 API calls 30875->30876 30877 7ff61d38f90f 30876->30877 30878 7ff61d383ab0 49 API calls 30877->30878 30879 7ff61d38f923 30878->30879 30880 7ff61d38d470 12 API calls 30879->30880 30880->30881 30881->30845 30883 7ff61d3819f1 30882->30883 30884 7ff61d381a40 30882->30884 30980 7ff61d3af0a8 AcquireSRWLockExclusive 30883->30980 30886 7ff61d381ac3 30884->30886 30888 7ff61d3af0a8 3 API calls 30884->30888 30886->30799 30886->30800 30886->30818 30890 7ff61d381a56 30888->30890 30890->30886 30985 7ff61d3af348 50 API calls std::_Throw_Cpp_error 30890->30985 30895 7ff61d381aae 30986 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 30895->30986 30899 7ff61d3bad08 30898->30899 30987 7ff61d3b8ce0 30899->30987 31062 7ff61d382b10 30904->31062 30907 7ff61d383ab0 30908 7ff61d383d50 30907->30908 30910 7ff61d383ad2 30907->30910 30918 7ff61d38d470 RegCreateKeyExW 30908->30918 30909 7ff61d383d35 30909->30908 30911 7ff61d381810 2 API calls 30909->30911 30910->30908 30910->30909 30912 7ff61d382630 49 API calls 30910->30912 30914 7ff61d383c0d __scrt_get_show_window_mode BuildCatchObjectHelperInternal 30910->30914 30913 7ff61d383db2 30911->30913 30912->30914 30914->30909 31128 7ff61d3ba420 11 API calls _set_errno_from_matherr 30914->31128 30916 7ff61d383d9d 31129 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 30916->31129 30919 7ff61d38d4d2 RegSetValueExW 30918->30919 30920 7ff61d38d526 30918->30920 30924 7ff61d38d520 RegCloseKey 30919->30924 30925 7ff61d38d53b RegCloseKey 30919->30925 30921 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 30920->30921 30923 7ff61d38d535 30921->30923 30923->30834 30924->30920 30926 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 30925->30926 30927 7ff61d38d550 30926->30927 30927->30834 30928->30804 30930 7ff61d3826b7 30929->30930 30932 7ff61d3826c4 30929->30932 30931 7ff61d381810 2 API calls 30934 7ff61d3827dd 30931->30934 30933 7ff61d382710 30932->30933 30935 7ff61d382630 49 API calls 30932->30935 30948 7ff61d38275a BuildCatchObjectHelperInternal 30932->30948 30936 7ff61d382764 30933->30936 30937 7ff61d382722 30933->30937 30935->30933 30939 7ff61d382771 30936->30939 30945 7ff61d38274f __scrt_get_show_window_mode 30936->30945 30936->30948 30940 7ff61d38273d 30937->30940 30941 7ff61d382730 30937->30941 30937->30948 30938 7ff61d3827af 30938->30804 31132 7ff61d3ba420 11 API calls _set_errno_from_matherr 30939->31132 30944 7ff61d382742 30940->30944 30940->30945 31130 7ff61d3ba420 11 API calls _set_errno_from_matherr 30941->31130 31131 7ff61d3ba420 11 API calls _set_errno_from_matherr 30944->31131 30945->30948 31133 7ff61d3ba420 11 API calls _set_errno_from_matherr 30945->31133 30946 7ff61d382735 31134 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 30946->31134 30948->30931 30948->30938 30951->30814 30953 7ff61d382647 30952->30953 30955 7ff61d382684 30953->30955 31135 7ff61d382690 49 API calls 4 library calls 30953->31135 30955->30815 30956 7ff61d381810 2 API calls 30957 7ff61d382995 30956->30957 30958 7ff61d382874 __crtLCMapStringW 30959 7ff61d382630 49 API calls 30958->30959 30961 7ff61d382913 __scrt_get_show_window_mode 30958->30961 30963 7ff61d382935 BuildCatchObjectHelperInternal 30958->30963 30959->30961 30960 7ff61d38295e 30960->30815 30961->30963 31136 7ff61d3ba420 11 API calls _set_errno_from_matherr 30961->31136 30963->30956 30963->30960 30964 7ff61d38294b 31137 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 30964->31137 30967 7ff61d3af669 30966->30967 30968 7ff61d3af6b4 IsProcessorFeaturePresent 30967->30968 30969 7ff61d38f5f6 30967->30969 30970 7ff61d3af6cc 30968->30970 31138 7ff61d3af788 RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 30970->31138 30972 7ff61d3af6df 31139 7ff61d3af680 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 30972->31139 30976 7ff61d381820 30975->30976 31140 7ff61d3b1450 RtlPcToFileHeader RaiseException 30976->31140 30978 7ff61d381831 30979->30854 30981 7ff61d3af0be 30980->30981 30982 7ff61d3af0c3 ReleaseSRWLockExclusive 30981->30982 30984 7ff61d3af0c8 SleepConditionVariableSRW 30981->30984 30984->30981 30985->30895 30988 7ff61d3b8cff 30987->30988 30989 7ff61d3b8d04 30987->30989 30995 7ff61d3bab08 30988->30995 30989->30988 31030 7ff61d3c4a08 47 API calls 3 library calls 30989->31030 30991 7ff61d3b8d1f 31031 7ff61d3c3398 47 API calls 30991->31031 30993 7ff61d3b8d42 31032 7ff61d3c3404 47 API calls 30993->31032 30996 7ff61d3bab5e __crtLCMapStringW 30995->30996 30997 7ff61d3bab46 30995->30997 30996->30997 31000 7ff61d3bab6e 30996->31000 31041 7ff61d3ba420 11 API calls _set_errno_from_matherr 30997->31041 30999 7ff61d3bab4b 31042 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 30999->31042 31002 7ff61d3bab57 31000->31002 31033 7ff61d3c5628 6 API calls __crtLCMapStringW 31000->31033 31007 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31002->31007 31004 7ff61d3bab98 31005 7ff61d3bab9f 31004->31005 31006 7ff61d3babda 31004->31006 31043 7ff61d3ba420 11 API calls _set_errno_from_matherr 31005->31043 31008 7ff61d3babf5 31006->31008 31009 7ff61d3babe2 31006->31009 31011 7ff61d38f4cb 31007->31011 31013 7ff61d3bacad 31008->31013 31020 7ff61d3bac14 31008->31020 31034 7ff61d3c3338 31008->31034 31045 7ff61d3ba420 11 API calls _set_errno_from_matherr 31009->31045 31011->30812 31011->30820 31011->30821 31049 7ff61d3ba420 11 API calls _set_errno_from_matherr 31013->31049 31014 7ff61d3baba4 31044 7ff61d3ba420 11 API calls _set_errno_from_matherr 31014->31044 31018 7ff61d3bacb5 31050 7ff61d3ba420 11 API calls _set_errno_from_matherr 31018->31050 31020->31013 31021 7ff61d3bac64 31020->31021 31046 7ff61d3c5628 6 API calls __crtLCMapStringW 31021->31046 31023 7ff61d3bac89 31025 7ff61d3bac9f 31023->31025 31026 7ff61d3bac8d 31023->31026 31024 7ff61d3bac9b 31024->31002 31051 7ff61d3c32fc 11 API calls 2 library calls 31024->31051 31048 7ff61d3ba420 11 API calls _set_errno_from_matherr 31025->31048 31047 7ff61d3b9f0c 47 API calls 2 library calls 31026->31047 31030->30991 31031->30993 31032->30988 31033->31004 31035 7ff61d3c3383 31034->31035 31039 7ff61d3c3347 _set_errno_from_matherr 31034->31039 31055 7ff61d3ba420 11 API calls _set_errno_from_matherr 31035->31055 31037 7ff61d3c336a RtlAllocateHeap 31038 7ff61d3c3381 31037->31038 31037->31039 31038->31020 31039->31035 31039->31037 31052 7ff61d3c2e5c 31039->31052 31041->30999 31042->31002 31043->31014 31044->31002 31045->30999 31046->31023 31047->31024 31048->31024 31049->31018 31050->31024 31051->31002 31056 7ff61d3c2e98 31052->31056 31055->31038 31061 7ff61d3c1d44 EnterCriticalSection 31056->31061 31063 7ff61d382c8c 31062->31063 31064 7ff61d382b38 std::_Throw_Cpp_error 31062->31064 31065 7ff61d381810 2 API calls 31063->31065 31084 7ff61d3b8970 31064->31084 31066 7ff61d382c97 31065->31066 31068 7ff61d381810 2 API calls 31068->31063 31069 7ff61d3819d0 57 API calls 31071 7ff61d382b96 31069->31071 31072 7ff61d382bc3 31071->31072 31073 7ff61d382bd2 31071->31073 31083 7ff61d382c81 31071->31083 31116 7ff61d3823c0 56 API calls wmemcpy_s 31072->31116 31075 7ff61d3826a0 49 API calls 31073->31075 31077 7ff61d382bd0 31075->31077 31076 7ff61d382c0c 31106 7ff61d3b8bcc 31076->31106 31077->31076 31079 7ff61d382630 49 API calls 31077->31079 31079->31076 31081 7ff61d3829bd 31081->30907 31082 7ff61d381810 2 API calls 31082->31083 31083->31068 31087 7ff61d3b89ca 31084->31087 31085 7ff61d3b89ef 31117 7ff61d3ba22c 47 API calls _invalid_parameter_noinfo_noreturn 31085->31117 31087->31085 31088 7ff61d3b8a2b 31087->31088 31118 7ff61d3b7a14 50 API calls _invalid_parameter_noinfo_noreturn 31088->31118 31090 7ff61d3b8b8d 31093 7ff61d3b8ba3 31090->31093 31123 7ff61d3b7640 47 API calls 2 library calls 31090->31123 31091 7ff61d3b8a19 31091->31090 31122 7ff61d3b7640 47 API calls 2 library calls 31091->31122 31096 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31093->31096 31098 7ff61d382b61 31096->31098 31097 7ff61d3b8ac6 31099 7ff61d3b8b32 31097->31099 31100 7ff61d3b8ad8 31097->31100 31103 7ff61d3b8ae1 31097->31103 31104 7ff61d3b8b0c 31097->31104 31098->31069 31098->31071 31098->31083 31101 7ff61d3b8b3c 31099->31101 31099->31104 31100->31103 31100->31104 31120 7ff61d3c32fc 11 API calls 2 library calls 31101->31120 31119 7ff61d3c32fc 11 API calls 2 library calls 31103->31119 31121 7ff61d3c32fc 11 API calls 2 library calls 31104->31121 31107 7ff61d3b8c05 31106->31107 31110 7ff61d3b8c48 31107->31110 31124 7ff61d3b6194 50 API calls 3 library calls 31107->31124 31111 7ff61d3b8c87 31110->31111 31125 7ff61d3ba22c 47 API calls _invalid_parameter_noinfo_noreturn 31110->31125 31112 7ff61d3b8cad 31111->31112 31126 7ff61d3b7640 47 API calls 2 library calls 31111->31126 31114 7ff61d382c33 31112->31114 31127 7ff61d3b7640 47 API calls 2 library calls 31112->31127 31114->31081 31114->31082 31116->31077 31117->31091 31118->31097 31119->31091 31120->31091 31121->31091 31122->31090 31123->31093 31124->31110 31125->31111 31126->31112 31127->31114 31128->30916 31129->30909 31130->30946 31131->30946 31132->30946 31133->30946 31134->30948 31135->30958 31136->30964 31137->30963 31138->30972 31140->30978 31141 7ff61d389880 RegCreateKeyExW 31142 7ff61d38993f 31141->31142 31143 7ff61d3898ea RegQueryValueExW 31141->31143 31146 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31142->31146 31144 7ff61d389934 RegCloseKey 31143->31144 31145 7ff61d38992c 31143->31145 31144->31142 31145->31144 31147 7ff61d38994f 31146->31147 31148 7ff61d38d560 31149 7ff61d3819d0 57 API calls 31148->31149 31150 7ff61d38d58a 31149->31150 31151 7ff61d38d766 31150->31151 31152 7ff61d38d596 31150->31152 31153 7ff61d381810 2 API calls 31151->31153 31156 7ff61d38d5bd 31152->31156 31159 7ff61d38d5cc 31152->31159 31154 7ff61d38d770 31153->31154 31155 7ff61d381810 2 API calls 31154->31155 31160 7ff61d38d77b 31155->31160 31174 7ff61d3823c0 56 API calls wmemcpy_s 31156->31174 31157 7ff61d3826a0 49 API calls 31163 7ff61d38d5ca 31157->31163 31159->31157 31159->31159 31161 7ff61d38d7c9 31160->31161 31162 7ff61d38d7bc SysFreeString 31160->31162 31162->31161 31163->31154 31164 7ff61d38d61b 31163->31164 31165 7ff61d382630 49 API calls 31163->31165 31166 7ff61d3bad00 54 API calls 31164->31166 31165->31164 31167 7ff61d38d62e 31166->31167 31167->31154 31172 7ff61d38d637 31167->31172 31168 7ff61d38d729 31169 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31168->31169 31171 7ff61d38d755 31169->31171 31170 7ff61d38d708 SHDeleteKeyW 31170->31168 31173 7ff61d38d718 RegDeleteKeyW 31170->31173 31172->31168 31172->31170 31173->31168 31174->31163 31175 7ff61d38b500 31182 7ff61d3886a0 31175->31182 31178 7ff61d3886a0 77 API calls 31179 7ff61d38b58e 31178->31179 31180 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31179->31180 31181 7ff61d38b739 31180->31181 31183 7ff61d3819d0 57 API calls 31182->31183 31184 7ff61d3886cc 31183->31184 31185 7ff61d3887c4 31184->31185 31188 7ff61d3886d8 31184->31188 31186 7ff61d381810 2 API calls 31185->31186 31187 7ff61d3887ce 31186->31187 31199 7ff61d3af39c 31188->31199 31190 7ff61d3886ff 31191 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31190->31191 31192 7ff61d38872c 31191->31192 31193 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31192->31193 31194 7ff61d388759 31193->31194 31195 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31194->31195 31196 7ff61d388786 31195->31196 31197 7ff61d3829a0 68 API calls 31196->31197 31198 7ff61d3887ad 31197->31198 31198->31178 31201 7ff61d3af3a7 31199->31201 31200 7ff61d3af3c0 31200->31190 31201->31200 31202 7ff61d3c2e5c _set_errno_from_matherr 2 API calls 31201->31202 31203 7ff61d3af3c6 31201->31203 31202->31201 31204 7ff61d3af3d1 31203->31204 31225 7ff61d3afd7c RtlPcToFileHeader RaiseException std::bad_alloc::bad_alloc std::_Xinvalid_argument 31203->31225 31226 7ff61d382ff0 49 API calls 2 library calls 31204->31226 31207 7ff61d3af3d7 std::_Throw_Cpp_error 31227 7ff61d3c3044 47 API calls 2 library calls 31207->31227 31209 7ff61d3af3f4 std::_Throw_Cpp_error 31228 7ff61d3af198 7 API calls 2 library calls 31209->31228 31211 7ff61d3af40c 31212 7ff61d3af410 _RTC_Initialize 31211->31212 31213 7ff61d3af483 31211->31213 31229 7ff61d3af348 50 API calls std::_Throw_Cpp_error 31212->31229 31232 7ff61d3afb2c 7 API calls 2 library calls 31213->31232 31216 7ff61d3af421 std::_Throw_Cpp_error 31230 7ff61d3c24f8 48 API calls 4 library calls 31216->31230 31217 7ff61d3af48d std::_Throw_Cpp_error 31217->31190 31219 7ff61d3af42d 31219->31213 31231 7ff61d3afe50 InitializeSListHead 31219->31231 31226->31207 31227->31209 31228->31211 31229->31216 31230->31219 31232->31217 31233 7ff61d38cd20 SHGetSpecialFolderPathW 31234 7ff61d38cd77 CreateDirectoryW 31233->31234 31235 7ff61d38cdaa GetModuleHandleW GetModuleFileNameW 31233->31235 31278 7ff61d3bafb4 31234->31278 31237 7ff61d38ce02 31235->31237 31243 7ff61d38cdca 31235->31243 31238 7ff61d3819d0 57 API calls 31237->31238 31240 7ff61d38ce07 31238->31240 31241 7ff61d38ce13 31240->31241 31242 7ff61d38d0b5 31240->31242 31246 7ff61d38ce43 31241->31246 31247 7ff61d38ce34 31241->31247 31244 7ff61d381810 2 API calls 31242->31244 31243->31237 31245 7ff61d38d0bf 31244->31245 31250 7ff61d3826a0 49 API calls 31246->31250 31294 7ff61d3823c0 56 API calls wmemcpy_s 31247->31294 31249 7ff61d38ce41 31280 7ff61d382540 31249->31280 31250->31249 31252 7ff61d38ce7c 31253 7ff61d38cea5 DeleteFileW 31252->31253 31254 7ff61d38cebc 31253->31254 31258 7ff61d38ced2 31253->31258 31255 7ff61d38cefe 31254->31255 31256 7ff61d38ceca 31254->31256 31257 7ff61d3826a0 49 API calls 31255->31257 31259 7ff61d382540 49 API calls 31256->31259 31257->31258 31260 7ff61d38cf35 DeleteFileW 31258->31260 31259->31258 31261 7ff61d38cf4c 31260->31261 31265 7ff61d38cf62 31260->31265 31262 7ff61d38cf8e 31261->31262 31263 7ff61d38cf5a 31261->31263 31264 7ff61d3826a0 49 API calls 31262->31264 31266 7ff61d382540 49 API calls 31263->31266 31264->31265 31267 7ff61d38cfc5 DeleteFileW 31265->31267 31266->31265 31268 7ff61d38cfdc 31267->31268 31272 7ff61d38cff2 31267->31272 31269 7ff61d38d019 31268->31269 31270 7ff61d38cfea 31268->31270 31271 7ff61d3826a0 49 API calls 31269->31271 31273 7ff61d382540 49 API calls 31270->31273 31271->31272 31274 7ff61d38d049 DeleteFileW 31272->31274 31273->31272 31275 7ff61d38d068 31274->31275 31276 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31275->31276 31277 7ff61d38d098 31276->31277 31279 7ff61d38cd9b CreateDirectoryW 31278->31279 31279->31237 31281 7ff61d382556 31280->31281 31282 7ff61d382564 31281->31282 31283 7ff61d382623 31281->31283 31288 7ff61d382590 __scrt_get_show_window_mode 31281->31288 31282->31252 31298 7ff61d382690 49 API calls 4 library calls 31283->31298 31285 7ff61d3825c3 31295 7ff61d3ba420 11 API calls _set_errno_from_matherr 31285->31295 31286 7ff61d382628 31288->31285 31290 7ff61d3825da BuildCatchObjectHelperInternal 31288->31290 31292 7ff61d3825f6 31288->31292 31289 7ff61d3825c8 31297 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 31289->31297 31290->31252 31292->31290 31296 7ff61d3ba420 11 API calls _set_errno_from_matherr 31292->31296 31294->31249 31295->31289 31296->31289 31297->31290 31298->31286 31299 7ff61d38cae0 31309 7ff61d3cd4a0 31299->31309 31302 7ff61d38cb84 GetStartupInfoW CreateProcessW 31304 7ff61d38cbd3 31302->31304 31305 7ff61d38cbd7 31302->31305 31303 7ff61d38cb3c 31303->31302 31307 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31304->31307 31305->31304 31306 7ff61d38cbe1 CloseHandle 31305->31306 31306->31304 31308 7ff61d38cbfc 31307->31308 31310 7ff61d38cb17 GetModuleHandleW GetModuleFileNameW 31309->31310 31310->31302 31310->31303 31311 7ff61d386f5a RegQueryValueExW 31312 7ff61d386f9b RegCloseKey 31311->31312 31313 7ff61d386fa3 RegCloseKey 31311->31313 31314 7ff61d386fb4 RegCreateKeyExW 31312->31314 31313->31314 31315 7ff61d387045 31313->31315 31316 7ff61d387032 SHChangeNotify 31314->31316 31321 7ff61d38fef0 31315->31321 31316->31315 31322 7ff61d3819d0 57 API calls 31321->31322 31323 7ff61d38ff2a 31322->31323 31324 7ff61d3902a4 31323->31324 31325 7ff61d38ff36 RegOpenKeyExW 31323->31325 31326 7ff61d381810 2 API calls 31324->31326 31329 7ff61d38ffd4 RegOpenKeyExW 31325->31329 31330 7ff61d38ff79 RegQueryValueExW 31325->31330 31327 7ff61d3902ae 31326->31327 31333 7ff61d390261 31329->31333 31334 7ff61d390008 RegQueryValueExW 31329->31334 31331 7ff61d38ffc3 RegCloseKey 31330->31331 31332 7ff61d38ffbb RegCloseKey 31330->31332 31331->31329 31331->31333 31332->31329 31337 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31333->31337 31335 7ff61d39004e RegCloseKey 31334->31335 31336 7ff61d39025a RegCloseKey 31334->31336 31335->31333 31338 7ff61d39005f 31335->31338 31336->31333 31339 7ff61d38709e 31337->31339 31340 7ff61d3826a0 49 API calls 31338->31340 31352 7ff61d3a04c0 31339->31352 31341 7ff61d39007d RegCreateKeyExW 31340->31341 31342 7ff61d390111 RegOpenKeyExW 31341->31342 31343 7ff61d3900c4 RegSetValueExW RegCloseKey 31341->31343 31344 7ff61d3901ba RegOpenKeyExW 31342->31344 31345 7ff61d39013c RegQueryValueExW RegCloseKey 31342->31345 31343->31342 31344->31333 31348 7ff61d3901e4 RegQueryValueExW RegCloseKey 31344->31348 31345->31344 31347 7ff61d390174 RegOpenKeyExW 31345->31347 31347->31344 31349 7ff61d39019d RegDeleteValueW RegCloseKey 31347->31349 31348->31333 31350 7ff61d39021a RegOpenKeyExW 31348->31350 31349->31344 31350->31333 31351 7ff61d390243 RegDeleteValueW 31350->31351 31351->31336 31353 7ff61d3a04cc 31352->31353 31378 7ff61d388d30 31353->31378 31379 7ff61d3819d0 57 API calls 31378->31379 31380 7ff61d388d4b 31379->31380 31381 7ff61d381810 2 API calls 31380->31381 31382 7ff61d388fe5 31381->31382 31383 7ff61d381810 2 API calls 31382->31383 31384 7ff61d388ff0 31383->31384 31385 7ff61d3819d0 57 API calls 31384->31385 31386 7ff61d38902d 31385->31386 31387 7ff61d381810 2 API calls 31386->31387 31388 7ff61d3892d7 31387->31388 31389 7ff61d381810 2 API calls 31388->31389 31390 7ff61d3892e2 31389->31390 31391 7ff61d3819d0 57 API calls 31390->31391 31392 7ff61d389325 31391->31392 31393 7ff61d381810 2 API calls 31392->31393 31394 7ff61d3896b3 31393->31394 31395 7ff61d381810 2 API calls 31394->31395 31396 7ff61d3896be 31395->31396 31397 7ff61d3819d0 57 API calls 31396->31397 31398 7ff61d3896da 31397->31398 31399 7ff61d381810 2 API calls 31398->31399 31400 7ff61d389792 31399->31400 31401 7ff61d3819d0 57 API calls 31400->31401 31402 7ff61d3897c2 31401->31402 31403 7ff61d38986e 31402->31403 31404 7ff61d3897ce 31402->31404 31405 7ff61d381810 2 API calls 31403->31405 31409 7ff61d3826a0 49 API calls 31404->31409 31406 7ff61d389830 RegCreateKeyExW 31405->31406 31408 7ff61d389a03 31406->31408 31410 7ff61d389821 31409->31410 31412 7ff61d389c80 RtlPcToFileHeader RaiseException 31410->31412 31412->31406 31413 7ff61d3a70c0 31414 7ff61d3a70fc 31413->31414 31415 7ff61d3a70e5 31413->31415 31417 7ff61d3a7195 31414->31417 31419 7ff61d3819d0 57 API calls 31414->31419 31512 7ff61d38aca0 12 API calls 2 library calls 31415->31512 31421 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31417->31421 31418 7ff61d3a70ec 31513 7ff61d38aca0 12 API calls 2 library calls 31418->31513 31420 7ff61d3a7115 31419->31420 31423 7ff61d3a7121 31420->31423 31424 7ff61d3a7226 31420->31424 31425 7ff61d3a721b 31421->31425 31428 7ff61d3a7180 31423->31428 31443 7ff61d3a8480 31423->31443 31426 7ff61d381810 2 API calls 31424->31426 31427 7ff61d3a7230 31426->31427 31429 7ff61d3a92b0 91 API calls 31428->31429 31431 7ff61d3a7191 31428->31431 31429->31431 31431->31417 31436 7ff61d3a8480 116 API calls 31431->31436 31432 7ff61d3a714a 31433 7ff61d3a716a 31432->31433 31496 7ff61d3a92b0 31432->31496 31433->31428 31514 7ff61d3a7e20 31433->31514 31438 7ff61d3a71cf 31436->31438 31437 7ff61d3a7156 31439 7ff61d3a8480 116 API calls 31437->31439 31438->31417 31440 7ff61d3a92b0 91 API calls 31438->31440 31439->31433 31441 7ff61d3a71db 31440->31441 31442 7ff61d3a8480 116 API calls 31441->31442 31442->31417 31444 7ff61d3a84b9 31443->31444 31471 7ff61d3a84b2 31443->31471 31445 7ff61d3819d0 57 API calls 31444->31445 31451 7ff61d3a84be 31445->31451 31446 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31447 7ff61d3a86a6 31446->31447 31447->31432 31448 7ff61d3a86c3 31449 7ff61d381810 2 API calls 31448->31449 31450 7ff61d3a86ce 31449->31450 31454 7ff61d381810 2 API calls 31450->31454 31451->31448 31452 7ff61d3a8508 31451->31452 31457 7ff61d3826a0 49 API calls 31451->31457 31522 7ff61d3a7310 31452->31522 31456 7ff61d3a86d9 31454->31456 31459 7ff61d381810 2 API calls 31456->31459 31457->31452 31461 7ff61d3a86e4 31459->31461 31460 7ff61d3a860a 31575 7ff61d3b8dbc 31460->31575 31464 7ff61d3a8480 112 API calls 31461->31464 31462 7ff61d3819d0 57 API calls 31482 7ff61d3a8532 31462->31482 31466 7ff61d3a8747 31464->31466 31465 7ff61d3a8626 31474 7ff61d3a85dd 31465->31474 31592 7ff61d3a9550 RegOpenKeyExW 31465->31592 31468 7ff61d3819d0 57 API calls 31466->31468 31483 7ff61d3a874b 31466->31483 31469 7ff61d3a875c 31468->31469 31472 7ff61d3a89f5 31469->31472 31480 7ff61d3a7e20 49 API calls 31469->31480 31470 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31473 7ff61d3a89cf 31470->31473 31471->31446 31477 7ff61d381810 2 API calls 31472->31477 31473->31432 31474->31471 31476 7ff61d3a86be 31474->31476 31475 7ff61d3a7e20 49 API calls 31475->31482 31669 7ff61d3ba31c 47 API calls _invalid_parameter_noinfo_noreturn 31476->31669 31479 7ff61d3a8a00 31477->31479 31484 7ff61d3a8786 31480->31484 31481 7ff61d3b8dbc 53 API calls 31481->31482 31482->31450 31482->31456 31482->31460 31482->31462 31482->31474 31482->31475 31482->31481 31483->31470 31484->31483 31485 7ff61d3819d0 57 API calls 31484->31485 31491 7ff61d3a883a 31484->31491 31486 7ff61d3a8810 31485->31486 31487 7ff61d3a881c 31486->31487 31488 7ff61d3a89eb 31486->31488 31490 7ff61d3a7e20 49 API calls 31487->31490 31489 7ff61d381810 2 API calls 31488->31489 31489->31472 31490->31491 31491->31483 31609 7ff61d3a8a10 31491->31609 31494 7ff61d3a8984 RegSetValueExW RegCloseKey 31495 7ff61d3a89b3 LocalFree 31494->31495 31495->31483 31497 7ff61d3a92d2 31496->31497 31498 7ff61d3a93d3 31496->31498 31858 7ff61d3a9040 31497->31858 31499 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31498->31499 31501 7ff61d3a93e2 31499->31501 31501->31437 31503 7ff61d3a93f0 13 API calls 31504 7ff61d3a92e7 31503->31504 31504->31498 31505 7ff61d3a92ef RegOpenKeyExW 31504->31505 31506 7ff61d3a93ae 31505->31506 31507 7ff61d3a931e RegQueryValueExW RegCloseKey 31505->31507 31510 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31506->31510 31507->31506 31508 7ff61d3a9366 RegOpenKeyExW 31507->31508 31508->31506 31509 7ff61d3a9391 RegDeleteValueW RegCloseKey 31508->31509 31509->31506 31511 7ff61d3a93cd 31510->31511 31511->31437 31512->31418 31513->31414 31515 7ff61d3a7e49 31514->31515 31520 7ff61d3a7f06 31514->31520 31517 7ff61d382130 2 API calls 31515->31517 31519 7ff61d3a7e56 __scrt_get_show_window_mode 31515->31519 31516 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31518 7ff61d3a7f35 31516->31518 31517->31519 31518->31428 31519->31520 31521 7ff61d3826a0 49 API calls 31519->31521 31520->31516 31521->31520 31523 7ff61d3a7353 31522->31523 31524 7ff61d3a7344 31522->31524 31529 7ff61d3a7436 31523->31529 31670 7ff61d383920 59 API calls 4 library calls 31523->31670 31525 7ff61d3a7e20 49 API calls 31524->31525 31525->31523 31527 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31528 7ff61d3a7499 31527->31528 31544 7ff61d3a7f40 31528->31544 31529->31527 31530 7ff61d3a7375 31530->31529 31531 7ff61d3a73d6 31530->31531 31532 7ff61d3a74ac 31530->31532 31531->31529 31535 7ff61d3a73f9 31531->31535 31671 7ff61d382260 31531->31671 31533 7ff61d381810 2 API calls 31532->31533 31534 7ff61d3a74b6 31533->31534 31683 7ff61d3ba420 11 API calls _set_errno_from_matherr 31534->31683 31535->31534 31536 7ff61d3a741d BuildCatchObjectHelperInternal 31535->31536 31536->31529 31538 7ff61d3a74c7 31536->31538 31541 7ff61d381810 2 API calls 31538->31541 31540 7ff61d3a74bc 31684 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 31540->31684 31543 7ff61d3a74d1 31541->31543 31555 7ff61d3a7f7d 31544->31555 31563 7ff61d3a7f76 31544->31563 31545 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31546 7ff61d3a8410 31545->31546 31546->31482 31547 7ff61d3a8074 31692 7ff61d3a93f0 31547->31692 31550 7ff61d3a80db 31551 7ff61d388d30 60 API calls 31550->31551 31553 7ff61d3a80ee 31551->31553 31554 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31553->31554 31553->31563 31570 7ff61d3a8110 31554->31570 31555->31547 31702 7ff61d38d130 61 API calls 4 library calls 31555->31702 31557 7ff61d3a8097 31557->31550 31704 7ff61d38d130 61 API calls 4 library calls 31557->31704 31559 7ff61d3819d0 57 API calls 31559->31570 31560 7ff61d382540 49 API calls 31565 7ff61d3a82fe 31560->31565 31561 7ff61d3a842b 31562 7ff61d381810 2 API calls 31561->31562 31564 7ff61d3a8435 31562->31564 31563->31545 31568 7ff61d381810 2 API calls 31564->31568 31565->31560 31565->31563 31705 7ff61d38d130 61 API calls 4 library calls 31565->31705 31567 7ff61d3a7e20 49 API calls 31567->31570 31569 7ff61d3a8440 31568->31569 31706 7ff61d3830f0 31569->31706 31570->31559 31570->31561 31570->31564 31570->31565 31570->31567 31570->31569 31573 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31570->31573 31574 7ff61d382540 49 API calls 31570->31574 31573->31570 31574->31570 31576 7ff61d3b8dc9 31575->31576 31577 7ff61d3b8ded 31575->31577 31576->31577 31578 7ff61d3b8dce 31576->31578 31579 7ff61d3b8e27 31577->31579 31582 7ff61d3b8e46 31577->31582 31716 7ff61d3ba420 11 API calls _set_errno_from_matherr 31578->31716 31718 7ff61d3ba420 11 API calls _set_errno_from_matherr 31579->31718 31585 7ff61d3b8ce0 47 API calls 31582->31585 31583 7ff61d3b8dd3 31717 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 31583->31717 31584 7ff61d3b8e2c 31719 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 31584->31719 31591 7ff61d3b8e53 31585->31591 31588 7ff61d3b8dde 31588->31465 31589 7ff61d3b8e37 31589->31465 31590 7ff61d3c4fdc 53 API calls 31590->31591 31591->31589 31591->31590 31593 7ff61d3a95bd __scrt_get_show_window_mode 31592->31593 31608 7ff61d3a9762 31592->31608 31595 7ff61d3a95d6 RegQueryInfoKeyW 31593->31595 31594 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31596 7ff61d3a9773 31594->31596 31597 7ff61d3a9757 RegCloseKey 31595->31597 31606 7ff61d3a9651 31595->31606 31596->31474 31597->31608 31598 7ff61d3a9660 RegEnumKeyExW 31599 7ff61d3a969f UuidFromStringW 31598->31599 31598->31606 31599->31606 31600 7ff61d3819d0 57 API calls 31600->31606 31601 7ff61d3a97c2 31602 7ff61d381810 2 API calls 31601->31602 31603 7ff61d3a97cc 31602->31603 31603->31474 31605 7ff61d3b8dbc 53 API calls 31605->31606 31606->31597 31606->31598 31606->31600 31606->31601 31606->31605 31607 7ff61d3a9794 RegCloseKey 31606->31607 31720 7ff61d3a7a70 31606->31720 31607->31608 31608->31594 31610 7ff61d3a8a92 31609->31610 31611 7ff61d3a8a63 31609->31611 31613 7ff61d3a8acb 31610->31613 31616 7ff61d3af0a8 3 API calls 31610->31616 31612 7ff61d3af0a8 3 API calls 31611->31612 31615 7ff61d3a8a6f 31612->31615 31614 7ff61d3a8b04 31613->31614 31617 7ff61d3af0a8 3 API calls 31613->31617 31621 7ff61d3a8b61 31614->31621 31624 7ff61d3af0a8 3 API calls 31614->31624 31615->31610 31779 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31615->31779 31618 7ff61d3a8aa8 31616->31618 31619 7ff61d3a8ae1 31617->31619 31618->31613 31780 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31618->31780 31619->31614 31781 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31619->31781 31625 7ff61d3a8b9a 31621->31625 31626 7ff61d3af0a8 3 API calls 31621->31626 31627 7ff61d3a8b3e 31624->31627 31629 7ff61d3af0a8 3 API calls 31625->31629 31634 7ff61d3a8bd3 31625->31634 31628 7ff61d3a8b77 31626->31628 31627->31621 31782 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31627->31782 31628->31625 31783 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31628->31783 31630 7ff61d3a8bb0 31629->31630 31630->31634 31784 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31630->31784 31635 7ff61d3a8ccf 31634->31635 31636 7ff61d3af0a8 3 API calls 31634->31636 31637 7ff61d3a8d08 31635->31637 31640 7ff61d3af0a8 3 API calls 31635->31640 31639 7ff61d3a8cac 31636->31639 31638 7ff61d3a8d41 31637->31638 31641 7ff61d3af0a8 3 API calls 31637->31641 31646 7ff61d3a8da8 31638->31646 31648 7ff61d3af0a8 3 API calls 31638->31648 31639->31635 31785 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31639->31785 31642 7ff61d3a8ce5 31640->31642 31643 7ff61d3a8d1e 31641->31643 31642->31637 31786 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31642->31786 31643->31638 31787 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31643->31787 31649 7ff61d3af0a8 3 API calls 31646->31649 31650 7ff61d3a8de1 31646->31650 31651 7ff61d3a8d85 31648->31651 31652 7ff61d3a8dbe 31649->31652 31653 7ff61d3af0a8 3 API calls 31650->31653 31658 7ff61d3a8e1a 31650->31658 31651->31646 31788 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31651->31788 31652->31650 31789 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31652->31789 31654 7ff61d3a8df7 31653->31654 31654->31658 31790 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31654->31790 31659 7ff61d3af0a8 3 API calls 31658->31659 31663 7ff61d3a8f49 31658->31663 31660 7ff61d3a8ee5 31659->31660 31660->31663 31764 7ff61d3ada20 31660->31764 31661 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31662 7ff61d3a893b RegCreateKeyExW 31661->31662 31662->31494 31662->31495 31663->31661 31667 7ff61d3a8f3c 31792 7ff61d3af03c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31667->31792 31670->31530 31672 7ff61d38228d 31671->31672 31685 7ff61d381ad0 31672->31685 31674 7ff61d382324 31691 7ff61d382690 49 API calls 4 library calls 31674->31691 31675 7ff61d3822c6 BuildCatchObjectHelperInternal 31675->31535 31677 7ff61d382329 31678 7ff61d3822a6 __scrt_get_show_window_mode 31678->31675 31689 7ff61d3ba420 11 API calls _set_errno_from_matherr 31678->31689 31680 7ff61d3822dc 31690 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 31680->31690 31683->31540 31684->31538 31686 7ff61d381ae1 31685->31686 31688 7ff61d381b34 31685->31688 31687 7ff61d381b22 RtlAllocateHeap 31686->31687 31686->31688 31687->31688 31688->31674 31688->31678 31689->31680 31690->31675 31691->31677 31694 7ff61d3a941c __scrt_get_show_window_mode 31692->31694 31695 7ff61d3a9515 31692->31695 31693 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31696 7ff61d3a808b 31693->31696 31694->31695 31697 7ff61d3a9464 RegOpenKeyExW 31694->31697 31695->31693 31696->31550 31703 7ff61d3a7240 61 API calls std::_Throw_Cpp_error 31696->31703 31697->31695 31698 7ff61d3a9496 RegQueryValueExW 31697->31698 31699 7ff61d3a94f0 RegCloseKey 31698->31699 31700 7ff61d3a94d9 RegCloseKey 31698->31700 31699->31695 31701 7ff61d3a94fe IIDFromString 31699->31701 31700->31695 31701->31695 31702->31555 31703->31557 31704->31557 31705->31565 31709 7ff61d3aed34 31706->31709 31714 7ff61d3aecb0 47 API calls Concurrency::cancel_current_task 31709->31714 31711 7ff61d3aed45 31715 7ff61d3b1450 RtlPcToFileHeader RaiseException 31711->31715 31713 7ff61d3aed56 31714->31711 31715->31713 31716->31583 31717->31588 31718->31584 31719->31589 31721 7ff61d3a7a8e 31720->31721 31722 7ff61d3a7aae 31721->31722 31723 7ff61d3a7ad6 31721->31723 31724 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31722->31724 31725 7ff61d3a7ae3 31723->31725 31758 7ff61d382130 31723->31758 31727 7ff61d3a7abf 31724->31727 31726 7ff61d3819d0 57 API calls 31725->31726 31732 7ff61d3a7ae8 __scrt_get_show_window_mode 31726->31732 31727->31606 31729 7ff61d3a7e13 31730 7ff61d381810 2 API calls 31729->31730 31731 7ff61d3a7e1e 31730->31731 31732->31729 31733 7ff61d3a7b14 StringFromGUID2 31732->31733 31734 7ff61d3819d0 57 API calls 31733->31734 31735 7ff61d3a7b53 31734->31735 31736 7ff61d3a7b5f 31735->31736 31737 7ff61d3a7dfe 31735->31737 31740 7ff61d3a7b87 31736->31740 31741 7ff61d3a7b96 31736->31741 31738 7ff61d381810 2 API calls 31737->31738 31739 7ff61d3a7e08 31738->31739 31742 7ff61d381810 2 API calls 31739->31742 31763 7ff61d3823c0 56 API calls wmemcpy_s 31740->31763 31744 7ff61d3826a0 49 API calls 31741->31744 31742->31729 31745 7ff61d3a7b94 31744->31745 31745->31739 31746 7ff61d382630 49 API calls 31745->31746 31747 7ff61d3a7be9 31745->31747 31746->31747 31747->31739 31748 7ff61d382630 49 API calls 31747->31748 31749 7ff61d3a7c89 31747->31749 31748->31749 31749->31739 31750 7ff61d3a7cf5 31749->31750 31751 7ff61d3829a0 68 API calls 31750->31751 31752 7ff61d3a7d14 RegOpenKeyExW 31751->31752 31753 7ff61d3a7d42 RegQueryValueExW 31752->31753 31756 7ff61d3a7d8e 31752->31756 31754 7ff61d3a7dd1 RegCloseKey 31753->31754 31755 7ff61d3a7d88 RegCloseKey 31753->31755 31754->31756 31755->31756 31756->31754 31757 7ff61d3826a0 49 API calls 31756->31757 31757->31756 31759 7ff61d38214d 31758->31759 31760 7ff61d382159 31758->31760 31759->31760 31761 7ff61d381810 2 API calls 31759->31761 31760->31725 31762 7ff61d3821ac 31761->31762 31763->31745 31765 7ff61d3819d0 57 API calls 31764->31765 31766 7ff61d3ada3c 31765->31766 31767 7ff61d3adad3 31766->31767 31770 7ff61d3ada48 31766->31770 31768 7ff61d381810 2 API calls 31767->31768 31769 7ff61d3adadd 31768->31769 31828 7ff61d3ae500 31769->31828 31772 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31770->31772 31774 7ff61d3ada77 31772->31774 31775 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 31774->31775 31776 7ff61d3adaa3 31775->31776 31793 7ff61d3adc20 31776->31793 31791 7ff61d3af348 50 API calls std::_Throw_Cpp_error 31791->31667 31794 7ff61d3ae500 47 API calls 31793->31794 31796 7ff61d3adc6a 31794->31796 31795 7ff61d3819d0 57 API calls 31797 7ff61d3adce2 31795->31797 31796->31795 31826 7ff61d3ae263 31797->31826 31835 7ff61d3ae280 31797->31835 31798 7ff61d381810 2 API calls 31799 7ff61d3ae26e 31798->31799 31801 7ff61d381810 2 API calls 31799->31801 31802 7ff61d3ae279 31801->31802 31806 7ff61d3830f0 49 API calls 31802->31806 31803 7ff61d3adde3 GetLogicalProcessorInformationEx 31804 7ff61d3ade00 GetLastError 31803->31804 31805 7ff61d3ae12f GetActiveProcessorCount GetActiveProcessorGroupCount GetActiveProcessorCount 31803->31805 31804->31805 31811 7ff61d3ade0f 31804->31811 31821 7ff61d3ae15e 31805->31821 31812 7ff61d3ae27f 31806->31812 31807 7ff61d3add46 31810 7ff61d3bad00 54 API calls 31807->31810 31809 7ff61d382630 49 API calls 31809->31807 31818 7ff61d3add58 31810->31818 31814 7ff61d3ade17 GetLogicalProcessorInformationEx 31811->31814 31813 7ff61d3ae170 GetActiveProcessorCount 31813->31821 31815 7ff61d3ae11f 31814->31815 31822 7ff61d3ade38 31814->31822 31815->31805 31816 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31820 7ff61d3a8f30 31816->31820 31817 7ff61d3ae1f0 GetActiveProcessorCount 31817->31821 31818->31799 31818->31803 31819 7ff61d3ae216 31819->31816 31820->31791 31821->31813 31821->31817 31821->31819 31822->31802 31822->31815 31823 7ff61d3ae25e 31822->31823 31825 7ff61d3af39c 61 API calls std::_Throw_Cpp_error 31822->31825 31848 7ff61d38d130 61 API calls 4 library calls 31822->31848 31824 7ff61d3830f0 49 API calls 31823->31824 31824->31826 31825->31822 31826->31798 31829 7ff61d3adaf8 31828->31829 31832 7ff61d3ae51c 31828->31832 31830 7ff61d3ae500 47 API calls 31830->31832 31831 7ff61d3ae5b0 31857 7ff61d3ba31c 47 API calls _invalid_parameter_noinfo_noreturn 31831->31857 31832->31829 31832->31830 31832->31831 31836 7ff61d3ae290 __scrt_get_show_window_mode 31835->31836 31837 7ff61d3ae2dc RegOpenKeyExW 31836->31837 31847 7ff61d3ae2b6 31836->31847 31839 7ff61d3ae307 RegQueryValueExW RegCloseKey 31837->31839 31841 7ff61d3ae350 31837->31841 31839->31841 31840 7ff61d3ae399 31842 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31840->31842 31841->31841 31844 7ff61d3826a0 49 API calls 31841->31844 31843 7ff61d3add0d 31842->31843 31843->31799 31843->31807 31843->31809 31843->31818 31845 7ff61d3ae378 31844->31845 31846 7ff61d383ab0 49 API calls 31845->31846 31846->31847 31849 7ff61d383dc0 31847->31849 31848->31822 31850 7ff61d383e3d 31849->31850 31851 7ff61d383de0 31849->31851 31850->31840 31852 7ff61d383e31 31851->31852 31853 7ff61d383dee 31851->31853 31854 7ff61d3826a0 49 API calls 31852->31854 31855 7ff61d382540 49 API calls 31853->31855 31854->31850 31856 7ff61d383df8 31855->31856 31856->31840 31862 7ff61d3a9082 31858->31862 31859 7ff61d3886a0 77 API calls 31860 7ff61d3a90b2 RegOpenKeyExW 31859->31860 31861 7ff61d3a90d8 RegQueryValueExW RegCloseKey 31860->31861 31860->31862 31861->31862 31863 7ff61d3a91c8 31861->31863 31862->31859 31862->31863 31864 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31863->31864 31865 7ff61d3a91de 31864->31865 31865->31498 31865->31503 31866 7ff61d3997b9 31889 7ff61d3a3780 31866->31889 31868 7ff61d3997c8 31869 7ff61d399812 31868->31869 31870 7ff61d3997d5 Sleep 31868->31870 31871 7ff61d3997f7 LeaveCriticalSection 31868->31871 31872 7ff61d39981e GetFileAttributesW 31869->31872 31873 7ff61d3a3780 117 API calls 31870->31873 31874 7ff61d39fd8b 31871->31874 31875 7ff61d39982c 31872->31875 31882 7ff61d399838 31872->31882 31877 7ff61d3997ee 31873->31877 31878 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31874->31878 31902 7ff61d391890 31875->31902 31877->31868 31880 7ff61d3997f2 31877->31880 31881 7ff61d39fdc6 31878->31881 31880->31869 31880->31871 31922 7ff61d391ba0 31882->31922 31883 7ff61d399856 31928 7ff61d3820a0 31883->31928 31885 7ff61d3998b9 31934 7ff61d3a0fc0 31885->31934 31890 7ff61d3819d0 57 API calls 31889->31890 31891 7ff61d3a37a3 31890->31891 31892 7ff61d3a37af 31891->31892 31893 7ff61d3a3842 31891->31893 32069 7ff61d3a0b00 31892->32069 31894 7ff61d381810 2 API calls 31893->31894 31895 7ff61d3a384c 31894->31895 31897 7ff61d3a37c8 31898 7ff61d3a37f5 GetFileAttributesW 31897->31898 31899 7ff61d3a3817 31898->31899 31900 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31899->31900 31901 7ff61d3a3832 31900->31901 31901->31868 31903 7ff61d382130 2 API calls 31902->31903 31904 7ff61d3918af RegCreateKeyExW 31903->31904 31905 7ff61d391a24 RegQueryValueExW 31904->31905 31906 7ff61d391a8d 31904->31906 31907 7ff61d391a82 RegCloseKey 31905->31907 31908 7ff61d391a66 31905->31908 32288 7ff61d3a0e40 31906->32288 31907->31906 31908->31907 31909 7ff61d391a6d RegCloseKey 31908->31909 31909->31906 31912 7ff61d3826a0 49 API calls 31913 7ff61d391b37 31912->31913 31914 7ff61d382130 2 API calls 31913->31914 31923 7ff61d391bbd 31922->31923 31925 7ff61d392291 31923->31925 32377 7ff61d39ff70 47 API calls _invalid_parameter_noinfo_noreturn 31923->32377 32370 7ff61d3a4fc0 31925->32370 31929 7ff61d3819d0 57 API calls 31928->31929 31930 7ff61d3820ae 31929->31930 31931 7ff61d381810 2 API calls 31930->31931 31932 7ff61d3820b6 31930->31932 31933 7ff61d3820d6 31931->31933 31932->31885 31938 7ff61d3a1016 __scrt_get_show_window_mode 31934->31938 31972 7ff61d3a193d 31934->31972 31935 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 31936 7ff61d3998e7 LeaveCriticalSection 31935->31936 31936->31874 31937 7ff61d3a10db 31939 7ff61d3819d0 57 API calls 31937->31939 31938->31937 31941 7ff61d3a1081 GetVolumeNameForVolumeMountPointW 31938->31941 31942 7ff61d3a1069 31938->31942 31938->31972 31940 7ff61d3a10e0 31939->31940 31941->31942 31944 7ff61d3826a0 49 API calls 31942->31944 31944->31937 31972->31935 32070 7ff61d3a0b39 __scrt_get_show_window_mode 32069->32070 32071 7ff61d3819d0 57 API calls 32070->32071 32072 7ff61d3a0b3e 32071->32072 32073 7ff61d3a0c37 32072->32073 32074 7ff61d3a0b4a 32072->32074 32075 7ff61d381810 2 API calls 32073->32075 32085 7ff61d3a0100 32074->32085 32076 7ff61d3a0c41 32075->32076 32079 7ff61d382260 50 API calls 32080 7ff61d3a0b7b 32079->32080 32081 7ff61d3826a0 49 API calls 32080->32081 32082 7ff61d3a0bf8 32081->32082 32083 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32082->32083 32084 7ff61d3a0c22 32083->32084 32084->31897 32147 7ff61d3aed70 32085->32147 32088 7ff61d3a047d 32249 7ff61d3aeb4c 61 API calls 2 library calls 32088->32249 32090 7ff61d3a0488 32250 7ff61d3aeb4c 61 API calls 2 library calls 32090->32250 32092 7ff61d3819d0 57 API calls 32094 7ff61d3a015b 32092->32094 32093 7ff61d3a049d 32095 7ff61d381810 2 API calls 32093->32095 32094->32093 32163 7ff61d3a3050 32094->32163 32096 7ff61d3a04a8 32095->32096 32098 7ff61d381810 2 API calls 32096->32098 32101 7ff61d3a04b3 32098->32101 32100 7ff61d3a0472 32102 7ff61d381810 2 API calls 32100->32102 32102->32088 32103 7ff61d3b8dbc 53 API calls 32107 7ff61d3a019d 32103->32107 32104 7ff61d3a01cd 32105 7ff61d3819d0 57 API calls 32104->32105 32106 7ff61d3a020e 32105->32106 32106->32100 32112 7ff61d3a0239 32106->32112 32113 7ff61d3a028c 32106->32113 32107->32104 32108 7ff61d3a01f6 32107->32108 32109 7ff61d3a01c8 32107->32109 32110 7ff61d3826a0 49 API calls 32108->32110 32111 7ff61d382540 49 API calls 32109->32111 32110->32104 32111->32104 32115 7ff61d3a0259 32112->32115 32117 7ff61d3a0280 32112->32117 32118 7ff61d3a0254 32112->32118 32200 7ff61d3a0a10 RegOpenKeyExW 32113->32200 32119 7ff61d3a0720 78 API calls 32115->32119 32126 7ff61d3a02d5 32115->32126 32120 7ff61d3826a0 49 API calls 32117->32120 32123 7ff61d382540 49 API calls 32118->32123 32119->32126 32120->32115 32121 7ff61d3a0339 32124 7ff61d3819d0 57 API calls 32121->32124 32122 7ff61d3a0a10 53 API calls 32127 7ff61d3a02b2 32122->32127 32123->32115 32128 7ff61d3a0348 32124->32128 32125 7ff61d3a0468 32129 7ff61d381810 2 API calls 32125->32129 32126->32121 32126->32125 32131 7ff61d3a032b 32126->32131 32133 7ff61d382630 49 API calls 32126->32133 32127->32115 32211 7ff61d3a0720 32127->32211 32128->32096 32130 7ff61d3a0354 32128->32130 32129->32100 32134 7ff61d3a3050 94 API calls 32130->32134 32131->32121 32131->32125 32133->32131 32135 7ff61d3a036d 32134->32135 32136 7ff61d3a03a3 32135->32136 32137 7ff61d3a037c 32135->32137 32138 7ff61d3829a0 68 API calls 32136->32138 32139 7ff61d3829a0 68 API calls 32137->32139 32140 7ff61d3a03a1 32138->32140 32139->32140 32141 7ff61d383dc0 49 API calls 32140->32141 32143 7ff61d3a03e0 32140->32143 32141->32143 32246 7ff61d3aed78 32143->32246 32145 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32146 7ff61d3a044e 32145->32146 32146->32079 32146->32080 32148 7ff61d3aed98 GetCurrentThreadId 32147->32148 32149 7ff61d3aedf1 32148->32149 32150 7ff61d3aedd7 32148->32150 32152 7ff61d3aedf6 32149->32152 32153 7ff61d3aee0a 32149->32153 32151 7ff61d3aeddc AcquireSRWLockExclusive 32150->32151 32156 7ff61d3aede9 32150->32156 32151->32156 32155 7ff61d3aedfe AcquireSRWLockExclusive 32152->32155 32152->32156 32154 7ff61d3aee4f 32153->32154 32161 7ff61d3aee18 32153->32161 32154->32156 32157 7ff61d3aee57 TryAcquireSRWLockExclusive 32154->32157 32155->32156 32159 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32156->32159 32157->32156 32160 7ff61d3a013e 32159->32160 32160->32088 32160->32090 32160->32092 32161->32156 32162 7ff61d3aee3f TryAcquireSRWLockExclusive 32161->32162 32251 7ff61d3aef0c GetSystemTimeAsFileTime _Xtime_get_ticks 32161->32251 32162->32156 32162->32161 32164 7ff61d3a3068 32163->32164 32165 7ff61d382130 2 API calls 32164->32165 32166 7ff61d3a3088 32165->32166 32252 7ff61d38fde0 32166->32252 32169 7ff61d3a30e3 GetFileSize 32172 7ff61d3a3103 32169->32172 32173 7ff61d3a321a 32169->32173 32170 7ff61d3a30d6 32171 7ff61d382130 2 API calls 32170->32171 32180 7ff61d3a30de 32171->32180 32172->32173 32175 7ff61d3a310e 32172->32175 32174 7ff61d382130 2 API calls 32173->32174 32176 7ff61d3a3222 CloseHandle 32174->32176 32177 7ff61d3a3112 32175->32177 32178 7ff61d3a312b __scrt_get_show_window_mode 32175->32178 32176->32180 32179 7ff61d382130 2 API calls 32177->32179 32182 7ff61d3a313d ReadFile 32178->32182 32181 7ff61d3a311a CloseHandle 32179->32181 32183 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32180->32183 32181->32180 32182->32176 32184 7ff61d3a3165 32182->32184 32185 7ff61d3a0180 32183->32185 32186 7ff61d3826a0 49 API calls 32184->32186 32185->32100 32185->32103 32187 7ff61d3a3188 32186->32187 32188 7ff61d383ab0 49 API calls 32187->32188 32189 7ff61d3a319e 32188->32189 32190 7ff61d383ab0 49 API calls 32189->32190 32191 7ff61d3a31b4 32190->32191 32192 7ff61d383ab0 49 API calls 32191->32192 32193 7ff61d3a31ca 32192->32193 32194 7ff61d383ab0 49 API calls 32193->32194 32195 7ff61d3a31e0 32194->32195 32196 7ff61d383ab0 49 API calls 32195->32196 32197 7ff61d3a31f6 32196->32197 32198 7ff61d383ab0 49 API calls 32197->32198 32199 7ff61d3a320c CloseHandle 32198->32199 32199->32180 32201 7ff61d3a0a5f RegQueryValueExW 32200->32201 32202 7ff61d3a0aac 32200->32202 32203 7ff61d3a0acf RegCloseKey 32201->32203 32204 7ff61d3a0aa6 RegCloseKey 32201->32204 32205 7ff61d382130 2 API calls 32202->32205 32206 7ff61d3a0ae1 32203->32206 32204->32202 32209 7ff61d3a0ab4 32205->32209 32208 7ff61d3826a0 49 API calls 32206->32208 32207 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32210 7ff61d3a029d 32207->32210 32208->32209 32209->32207 32210->32115 32210->32122 32212 7ff61d3819d0 57 API calls 32211->32212 32213 7ff61d3a0755 32212->32213 32214 7ff61d3a0761 32213->32214 32215 7ff61d3a09f4 32213->32215 32218 7ff61d3a0a10 53 API calls 32214->32218 32216 7ff61d381810 2 API calls 32215->32216 32217 7ff61d3a09fe 32216->32217 32219 7ff61d381810 2 API calls 32217->32219 32220 7ff61d3a0781 32218->32220 32221 7ff61d3a0a09 32219->32221 32222 7ff61d3a0a10 53 API calls 32220->32222 32227 7ff61d3a08a4 32220->32227 32223 7ff61d3a07a8 32222->32223 32224 7ff61d3a07b1 32223->32224 32223->32227 32271 7ff61d38b900 RegOpenKeyExW 32224->32271 32226 7ff61d3a07b6 __scrt_get_show_window_mode 32230 7ff61d3a07cb SHGetSpecialFolderPathW 32226->32230 32229 7ff61d3a093d 32227->32229 32231 7ff61d3a090e 32227->32231 32235 7ff61d3a0888 32227->32235 32228 7ff61d3a09a3 32238 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32228->32238 32232 7ff61d3826a0 49 API calls 32229->32232 32233 7ff61d3a0892 32230->32233 32234 7ff61d3a07f4 SHCreateDirectoryExW 32230->32234 32236 7ff61d382540 49 API calls 32231->32236 32232->32235 32237 7ff61d382130 2 API calls 32233->32237 32239 7ff61d3a0810 32234->32239 32235->32217 32235->32228 32242 7ff61d3a099b 32235->32242 32243 7ff61d382630 49 API calls 32235->32243 32236->32235 32237->32235 32241 7ff61d3a09d7 32238->32241 32239->32239 32240 7ff61d3a081a SHCreateDirectoryExW 32239->32240 32244 7ff61d3a0853 32240->32244 32241->32115 32242->32217 32242->32228 32243->32242 32245 7ff61d3826a0 49 API calls 32244->32245 32245->32235 32247 7ff61d3a043f 32246->32247 32248 7ff61d3aed82 ReleaseSRWLockExclusive 32246->32248 32247->32145 32248->32247 32249->32090 32250->32093 32251->32161 32253 7ff61d3819d0 57 API calls 32252->32253 32254 7ff61d38fe0e 32253->32254 32255 7ff61d38fed7 32254->32255 32258 7ff61d3a0720 78 API calls 32254->32258 32256 7ff61d381810 2 API calls 32255->32256 32257 7ff61d38fee2 32256->32257 32259 7ff61d38fe33 32258->32259 32260 7ff61d3819d0 57 API calls 32259->32260 32261 7ff61d38fe3d 32260->32261 32262 7ff61d38fe49 32261->32262 32263 7ff61d38fecd 32261->32263 32265 7ff61d38fe76 32262->32265 32266 7ff61d382260 50 API calls 32262->32266 32264 7ff61d381810 2 API calls 32263->32264 32264->32255 32267 7ff61d3829a0 68 API calls 32265->32267 32266->32265 32268 7ff61d38fe94 32267->32268 32269 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32268->32269 32270 7ff61d38fec2 CreateFileW 32269->32270 32270->32169 32270->32170 32272 7ff61d38b951 RegOpenKeyExW 32271->32272 32273 7ff61d38b9e2 32271->32273 32274 7ff61d38b9d5 RegCloseKey 32272->32274 32275 7ff61d38b988 RegQueryValueExW 32272->32275 32278 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32273->32278 32274->32273 32276 7ff61d38b9cf RegCloseKey 32275->32276 32277 7ff61d38ba03 RegCloseKey 32275->32277 32276->32274 32277->32274 32280 7ff61d38ba0f 32277->32280 32279 7ff61d38b9fa 32278->32279 32279->32226 32281 7ff61d38baab RegCloseKey 32280->32281 32282 7ff61d38ba1c LoadStringW 32280->32282 32281->32273 32283 7ff61d38ba91 MessageBoxW 32282->32283 32284 7ff61d38ba45 32282->32284 32283->32281 32285 7ff61d38ba4e LoadLibraryW 32284->32285 32286 7ff61d38ba62 GetModuleHandleW LoadStringW 32284->32286 32285->32286 32286->32283 32287 7ff61d38ba8c 32286->32287 32287->32283 32289 7ff61d3a0e67 32288->32289 32290 7ff61d3a0e5c GetFileAttributesW 32288->32290 32321 7ff61d3a0c50 32289->32321 32290->32289 32292 7ff61d3a0e88 32290->32292 32294 7ff61d3a0ebf 32292->32294 32295 7ff61d3a0eb4 GetFileAttributesW 32292->32295 32297 7ff61d3a0c50 68 API calls 32294->32297 32295->32294 32306 7ff61d3a0ee0 32295->32306 32300 7ff61d3a0ed0 32297->32300 32298 7ff61d3a0f17 32301 7ff61d3a0c50 68 API calls 32298->32301 32299 7ff61d3a0f0c GetFileAttributesW 32299->32298 32310 7ff61d3a0f38 32299->32310 32302 7ff61d383dc0 49 API calls 32300->32302 32303 7ff61d3a0f28 32301->32303 32302->32306 32307 7ff61d383dc0 49 API calls 32303->32307 32304 7ff61d3a0f6f 32309 7ff61d3a0c50 68 API calls 32304->32309 32305 7ff61d3a0f64 GetFileAttributesW 32305->32304 32308 7ff61d391ad6 32305->32308 32306->32298 32306->32299 32307->32310 32308->31912 32311 7ff61d3a0f80 32309->32311 32310->32304 32310->32305 32312 7ff61d383dc0 49 API calls 32311->32312 32312->32308 32322 7ff61d3819d0 57 API calls 32321->32322 32323 7ff61d3a0c8e 32322->32323 32324 7ff61d3a0e27 32323->32324 32325 7ff61d3a0c9a GetModuleHandleW GetModuleFileNameW 32323->32325 32326 7ff61d381810 2 API calls 32324->32326 32329 7ff61d3a0d6b SHGetSpecialFolderPathW 32325->32329 32338 7ff61d3a0cde 32325->32338 32328 7ff61d3a0e31 32326->32328 32332 7ff61d3a0e67 32328->32332 32333 7ff61d3a0e5c GetFileAttributesW 32328->32333 32330 7ff61d3a0df8 32329->32330 32331 7ff61d3a0d88 32329->32331 32335 7ff61d382130 2 API calls 32330->32335 32345 7ff61d3826a0 49 API calls 32331->32345 32334 7ff61d3a0c50 59 API calls 32332->32334 32333->32332 32336 7ff61d3a0e88 32333->32336 32337 7ff61d3a0e78 32334->32337 32341 7ff61d3a0e00 32335->32341 32339 7ff61d3a0ebf 32336->32339 32340 7ff61d3a0eb4 GetFileAttributesW 32336->32340 32342 7ff61d383dc0 49 API calls 32337->32342 32354 7ff61d3826a0 49 API calls 32338->32354 32344 7ff61d3a0c50 59 API calls 32339->32344 32340->32339 32343 7ff61d3a0ee0 32340->32343 32349 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32341->32349 32342->32336 32364 7ff61d3a0da7 32345->32364 32353 7ff61d3a0e14 32349->32353 32362 7ff61d3a0d37 32354->32362 32365 7ff61d3a0d59 GetFileAttributesW 32362->32365 32364->32364 32366 7ff61d3a0dea GetFileAttributesW 32364->32366 32365->32329 32365->32341 32366->32330 32366->32341 32373 7ff61d3a4fdc 32370->32373 32374 7ff61d3923f4 32370->32374 32371 7ff61d3a4fc0 47 API calls 32371->32373 32372 7ff61d3a5077 32378 7ff61d3ba31c 47 API calls _invalid_parameter_noinfo_noreturn 32372->32378 32373->32371 32373->32372 32373->32374 32374->31883 32377->31923 32453 7ff61d39255a 33276 7ff61d384d30 GetUserDefaultUILanguage 32453->33276 32457 7ff61d392571 32458 7ff61d392578 32457->32458 32466 7ff61d3925d6 32457->32466 33423 7ff61d3a35a0 117 API calls std::_Throw_Cpp_error 32458->33423 32460 7ff61d392580 32461 7ff61d3925a4 32460->32461 32462 7ff61d392589 Sleep 32460->32462 32460->32466 32467 7ff61d39259f 32460->32467 32463 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 32461->32463 33424 7ff61d3a35a0 117 API calls std::_Throw_Cpp_error 32462->33424 32465 7ff61d3925b5 32463->32465 32468 7ff61d3820a0 59 API calls 32466->32468 32467->32461 32467->32466 32469 7ff61d392627 32468->32469 32470 7ff61d3829a0 68 API calls 32469->32470 32471 7ff61d392641 32470->32471 33331 7ff61d382100 32471->33331 32473 7ff61d39264d 33336 7ff61d3a2850 32473->33336 32475 7ff61d39267e 32476 7ff61d382100 50 API calls 32475->32476 32477 7ff61d392697 32476->32477 32478 7ff61d3a2850 75 API calls 32477->32478 32479 7ff61d3926c8 32478->32479 32480 7ff61d3a2850 75 API calls 32479->32480 32481 7ff61d392712 32480->32481 32482 7ff61d3a2850 75 API calls 32481->32482 32483 7ff61d39274e 32482->32483 32484 7ff61d3a2850 75 API calls 32483->32484 32485 7ff61d39278a 32484->32485 32486 7ff61d3a2850 75 API calls 32485->32486 32487 7ff61d3927c6 32486->32487 32488 7ff61d3a2850 75 API calls 32487->32488 32489 7ff61d392802 32488->32489 32490 7ff61d3a2850 75 API calls 32489->32490 32491 7ff61d39283e 32490->32491 32492 7ff61d3a2850 75 API calls 32491->32492 32493 7ff61d39287a 32492->32493 33377 7ff61d3a4d40 32493->33377 32496 7ff61d3a2850 75 API calls 32497 7ff61d3928c9 32496->32497 32498 7ff61d3a4d40 50 API calls 32497->32498 32499 7ff61d3928e3 32498->32499 32500 7ff61d3a2850 75 API calls 32499->32500 32501 7ff61d392918 32500->32501 32502 7ff61d3a4d40 50 API calls 32501->32502 32503 7ff61d392932 32502->32503 32504 7ff61d3a2850 75 API calls 32503->32504 33277 7ff61d384d57 33276->33277 33278 7ff61d384d95 33277->33278 33509 7ff61d38b050 33277->33509 33280 7ff61d3819d0 57 API calls 33278->33280 33281 7ff61d384dea 33280->33281 33284 7ff61d382130 2 API calls 33281->33284 33292 7ff61d3851c0 33281->33292 33282 7ff61d381810 2 API calls 33283 7ff61d3851cb 33282->33283 33285 7ff61d384e15 33284->33285 33286 7ff61d3826a0 49 API calls 33285->33286 33287 7ff61d384ea8 33286->33287 33288 7ff61d3819d0 57 API calls 33287->33288 33289 7ff61d384ead 33288->33289 33290 7ff61d3851b6 33289->33290 33295 7ff61d384eb9 33289->33295 33291 7ff61d381810 2 API calls 33290->33291 33291->33292 33292->33282 33293 7ff61d384efe __scrt_get_show_window_mode 33298 7ff61d384f5d GetModuleHandleW GetModuleFileNameW 33293->33298 33294 7ff61d384f38 33297 7ff61d3826a0 49 API calls 33294->33297 33295->33293 33295->33294 33296 7ff61d384ef6 33295->33296 33299 7ff61d382540 49 API calls 33296->33299 33297->33293 33304 7ff61d384f7d 33298->33304 33299->33293 33300 7ff61d384fe7 LoadLibraryW 33301 7ff61d385132 33300->33301 33302 7ff61d385000 33300->33302 33540 7ff61d3b9f0c 47 API calls 2 library calls 33301->33540 33306 7ff61d3826a0 49 API calls 33302->33306 33304->33300 33305 7ff61d3826a0 49 API calls 33304->33305 33305->33300 33308 7ff61d38502b GetModuleHandleW GetModuleFileNameW 33306->33308 33310 7ff61d3850c0 LoadLibraryW 33308->33310 33316 7ff61d385050 33308->33316 33309 7ff61d38514f 33314 7ff61d3826a0 49 API calls 33309->33314 33311 7ff61d3850db 33310->33311 33312 7ff61d38516d EnterCriticalSection 33310->33312 33539 7ff61d381ff0 49 API calls 33311->33539 33321 7ff61d392420 RegOpenKeyExW 33312->33321 33314->33312 33315 7ff61d3850ee 33318 7ff61d3850fa LoadLibraryW MessageBoxW ExitProcess 33315->33318 33537 7ff61d3ba91c 47 API calls 2 library calls 33316->33537 33319 7ff61d3850a7 33538 7ff61d3ba91c 47 API calls 2 library calls 33319->33538 33322 7ff61d3924b3 33321->33322 33323 7ff61d392466 RegQueryValueExW 33321->33323 33326 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33322->33326 33324 7ff61d3924c7 RegCloseKey 33323->33324 33325 7ff61d3924ad RegCloseKey 33323->33325 33324->33322 33328 7ff61d3924d4 33324->33328 33325->33322 33327 7ff61d3924c2 33326->33327 33327->32457 33329 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33328->33329 33330 7ff61d3924e3 33329->33330 33330->32457 33332 7ff61d382123 33331->33332 33333 7ff61d382112 33331->33333 33332->32473 33334 7ff61d382260 50 API calls 33333->33334 33335 7ff61d38211a 33334->33335 33335->32473 33337 7ff61d3819d0 57 API calls 33336->33337 33341 7ff61d3a287b 33337->33341 33338 7ff61d3a2abd 33339 7ff61d381810 2 API calls 33338->33339 33340 7ff61d3a2ac7 33339->33340 33341->33338 33342 7ff61d3a28ac 33341->33342 33344 7ff61d3a28bb 33341->33344 33541 7ff61d3823c0 56 API calls wmemcpy_s 33342->33541 33344->33344 33345 7ff61d3826a0 49 API calls 33344->33345 33346 7ff61d3a28b9 33345->33346 33347 7ff61d3a28f2 33346->33347 33348 7ff61d3a2909 33346->33348 33350 7ff61d382540 49 API calls 33347->33350 33542 7ff61d3848a0 61 API calls 3 library calls 33348->33542 33351 7ff61d3a28fb 33350->33351 33352 7ff61d3819d0 57 API calls 33351->33352 33353 7ff61d3a2938 33352->33353 33353->33338 33354 7ff61d3a2961 33353->33354 33355 7ff61d3a2970 33353->33355 33543 7ff61d3823c0 56 API calls wmemcpy_s 33354->33543 33356 7ff61d3826a0 49 API calls 33355->33356 33358 7ff61d3a296e 33356->33358 33359 7ff61d3a29a6 33358->33359 33360 7ff61d3a29bd 33358->33360 33361 7ff61d382540 49 API calls 33359->33361 33544 7ff61d3848a0 61 API calls 3 library calls 33360->33544 33363 7ff61d3a29af 33361->33363 33364 7ff61d3819d0 57 API calls 33363->33364 33365 7ff61d3a29ec 33364->33365 33365->33338 33366 7ff61d3a29f5 33365->33366 33367 7ff61d3a2a15 33366->33367 33369 7ff61d3a2a24 33366->33369 33545 7ff61d3823c0 56 API calls wmemcpy_s 33367->33545 33369->33369 33370 7ff61d3826a0 49 API calls 33369->33370 33371 7ff61d3a2a22 33370->33371 33372 7ff61d3a2a65 33371->33372 33373 7ff61d3a2a7c 33371->33373 33374 7ff61d382540 49 API calls 33372->33374 33546 7ff61d3848a0 61 API calls 3 library calls 33373->33546 33376 7ff61d3a2a6e 33374->33376 33376->32475 33378 7ff61d3a4d66 std::_Throw_Cpp_error 33377->33378 33379 7ff61d3b8bcc 50 API calls 33378->33379 33380 7ff61d392894 33379->33380 33380->32496 33423->32460 33424->32460 33510 7ff61d38b08b 33509->33510 33536 7ff61d38b084 33509->33536 33512 7ff61d3819d0 57 API calls 33510->33512 33511 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33513 7ff61d38b4cd 33511->33513 33514 7ff61d38b0a8 33512->33514 33513->33278 33515 7ff61d38b4e6 33514->33515 33518 7ff61d38b0b4 33514->33518 33516 7ff61d381810 2 API calls 33515->33516 33517 7ff61d38b4f0 33516->33517 33519 7ff61d3829a0 68 API calls 33518->33519 33520 7ff61d38b0d9 RegCreateKeyExW 33519->33520 33521 7ff61d38b11f RegSetValueExW RegCloseKey 33520->33521 33522 7ff61d38b152 RegCreateKeyExW 33520->33522 33521->33522 33523 7ff61d38b192 RegSetValueExW RegCloseKey 33522->33523 33524 7ff61d38b1c7 RegCreateKeyExW 33522->33524 33523->33524 33525 7ff61d38b240 RegCreateKeyExW 33524->33525 33526 7ff61d38b20b RegSetValueExW RegCloseKey 33524->33526 33527 7ff61d38b284 RegSetValueExW RegCloseKey 33525->33527 33528 7ff61d38b2b9 RegCreateKeyExW 33525->33528 33526->33525 33527->33528 33529 7ff61d38b332 RegCreateKeyExW 33528->33529 33530 7ff61d38b2fd RegSetValueExW RegCloseKey 33528->33530 33531 7ff61d38b376 RegSetValueExW RegCloseKey 33529->33531 33532 7ff61d38b3ab RegCreateKeyExW 33529->33532 33530->33529 33531->33532 33533 7ff61d38b425 RegCreateKeyExW 33532->33533 33534 7ff61d38b3f6 RegSetValueExW RegCloseKey 33532->33534 33535 7ff61d38b469 RegSetValueExW RegCloseKey 33533->33535 33533->33536 33534->33533 33535->33536 33536->33511 33537->33319 33538->33310 33539->33315 33540->33309 33541->33346 33542->33351 33543->33358 33544->33363 33545->33371 33546->33376 33552 7ff61d3af4bc 33575 7ff61d3af15c 33552->33575 33555 7ff61d3af608 33605 7ff61d3afb2c 7 API calls 2 library calls 33555->33605 33556 7ff61d3af4d8 33558 7ff61d3af612 33556->33558 33560 7ff61d3af4f6 33556->33560 33606 7ff61d3afb2c 7 API calls 2 library calls 33558->33606 33561 7ff61d3af51b 33560->33561 33565 7ff61d3af538 __scrt_release_startup_lock 33560->33565 33583 7ff61d3c2fb8 33560->33583 33562 7ff61d3af61d BuildCatchObjectHelperInternal 33564 7ff61d3af5a1 33589 7ff61d3afc74 33564->33589 33565->33564 33604 7ff61d3c22a8 47 API calls __GSHandlerCheck_EH 33565->33604 33567 7ff61d3af5a6 33592 7ff61d386f00 33567->33592 33576 7ff61d3af164 33575->33576 33577 7ff61d3af170 __scrt_dllmain_crt_thread_attach 33576->33577 33578 7ff61d3af179 33577->33578 33579 7ff61d3af17d 33577->33579 33578->33555 33578->33556 33607 7ff61d3c2e08 33579->33607 33584 7ff61d3c2fbd 33583->33584 33585 7ff61d3c2fee 33583->33585 33584->33585 33624 7ff61d3815e0 33584->33624 33627 7ff61d381090 33584->33627 33644 7ff61d3815c0 33584->33644 33585->33565 33590 7ff61d3cd4a0 __scrt_get_show_window_mode 33589->33590 33591 7ff61d3afc8b GetStartupInfoW 33590->33591 33591->33567 33593 7ff61d3afac0 33592->33593 33594 7ff61d386f18 CoInitializeEx 33593->33594 33595 7ff61d386990 33594->33595 33596 7ff61d386f2a RegOpenKeyExW 33595->33596 33597 7ff61d386fb4 RegCreateKeyExW 33596->33597 33598 7ff61d387032 SHChangeNotify 33597->33598 33599 7ff61d387045 33598->33599 33600 7ff61d38fef0 81 API calls 33599->33600 33601 7ff61d38709e 33600->33601 33602 7ff61d3a04c0 70 API calls 33601->33602 33603 7ff61d3870a3 33602->33603 33604->33564 33605->33558 33606->33562 33608 7ff61d3c7c38 33607->33608 33609 7ff61d3af182 33608->33609 33612 7ff61d3c4f60 33608->33612 33609->33578 33611 7ff61d3b1740 7 API calls 2 library calls 33609->33611 33611->33578 33623 7ff61d3c1d44 EnterCriticalSection 33612->33623 33647 7ff61d390790 33624->33647 33628 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33627->33628 33633 7ff61d3811f8 33628->33633 33629 7ff61d3812c8 33630 7ff61d3830f0 49 API calls 33629->33630 33632 7ff61d3812f9 33630->33632 33631 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33631->33633 33634 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33632->33634 33633->33629 33633->33631 33635 7ff61d38133b 33634->33635 33636 7ff61d38140c 33635->33636 33638 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33635->33638 33637 7ff61d3830f0 49 API calls 33636->33637 33639 7ff61d381439 LoadLibraryW 33637->33639 33638->33635 33790 7ff61d3badd8 33639->33790 33643 7ff61d3814c0 33643->33584 33793 7ff61d38b7b0 33644->33793 33648 7ff61d390826 __scrt_get_show_window_mode 33647->33648 33649 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33648->33649 33650 7ff61d39088c 33649->33650 33651 7ff61d3ada20 85 API calls 33650->33651 33652 7ff61d3908b0 33651->33652 33740 7ff61d3a74e0 33652->33740 33655 7ff61d3819d0 57 API calls 33656 7ff61d3908c3 33655->33656 33657 7ff61d391001 33656->33657 33660 7ff61d3819d0 57 API calls 33656->33660 33658 7ff61d381810 2 API calls 33657->33658 33659 7ff61d39100c 33658->33659 33661 7ff61d381810 2 API calls 33659->33661 33662 7ff61d3908e5 33660->33662 33663 7ff61d391017 33661->33663 33662->33659 33665 7ff61d3819d0 57 API calls 33662->33665 33664 7ff61d381810 2 API calls 33663->33664 33666 7ff61d391022 33664->33666 33667 7ff61d390907 33665->33667 33668 7ff61d381810 2 API calls 33666->33668 33667->33663 33670 7ff61d3819d0 57 API calls 33667->33670 33669 7ff61d39102d 33668->33669 33671 7ff61d381810 2 API calls 33669->33671 33672 7ff61d390929 33670->33672 33673 7ff61d391038 33671->33673 33672->33666 33676 7ff61d3819d0 57 API calls 33672->33676 33674 7ff61d381810 2 API calls 33673->33674 33675 7ff61d391043 33674->33675 33677 7ff61d381810 2 API calls 33675->33677 33678 7ff61d39094b 33676->33678 33679 7ff61d39104e 33677->33679 33678->33669 33682 7ff61d3819d0 57 API calls 33678->33682 33680 7ff61d381810 2 API calls 33679->33680 33681 7ff61d391059 33680->33681 33684 7ff61d381810 2 API calls 33681->33684 33683 7ff61d39096d 33682->33683 33683->33673 33686 7ff61d3819d0 57 API calls 33683->33686 33685 7ff61d391064 33684->33685 33687 7ff61d381810 2 API calls 33685->33687 33688 7ff61d39098f 33686->33688 33689 7ff61d39106f 33687->33689 33688->33675 33692 7ff61d3819d0 57 API calls 33688->33692 33690 7ff61d381810 2 API calls 33689->33690 33691 7ff61d39107a 33690->33691 33693 7ff61d381810 2 API calls 33691->33693 33694 7ff61d3909c3 33692->33694 33695 7ff61d391085 33693->33695 33694->33679 33698 7ff61d3819d0 57 API calls 33694->33698 33696 7ff61d381810 2 API calls 33695->33696 33697 7ff61d391090 33696->33697 33700 7ff61d381810 2 API calls 33697->33700 33699 7ff61d3909e5 33698->33699 33699->33681 33702 7ff61d3819d0 57 API calls 33699->33702 33701 7ff61d39109b 33700->33701 33703 7ff61d381810 2 API calls 33701->33703 33704 7ff61d390a07 33702->33704 33705 7ff61d3910a6 33703->33705 33704->33685 33708 7ff61d3819d0 57 API calls 33704->33708 33706 7ff61d3a4fc0 47 API calls 33705->33706 33707 7ff61d3910c8 33706->33707 33709 7ff61d390a29 33708->33709 33709->33689 33710 7ff61d3819d0 57 API calls 33709->33710 33711 7ff61d390a4b 33710->33711 33711->33691 33712 7ff61d3819d0 57 API calls 33711->33712 33713 7ff61d390a6d 33712->33713 33713->33695 33714 7ff61d3819d0 57 API calls 33713->33714 33715 7ff61d390a8f 33714->33715 33715->33697 33716 7ff61d3819d0 57 API calls 33715->33716 33717 7ff61d390ab1 33716->33717 33717->33701 33718 7ff61d3819d0 57 API calls 33717->33718 33719 7ff61d390ad3 33718->33719 33720 7ff61d390adf 33719->33720 33721 7ff61d390ff7 33719->33721 33723 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33720->33723 33722 7ff61d381810 2 API calls 33721->33722 33722->33657 33724 7ff61d390b06 33723->33724 33725 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33724->33725 33726 7ff61d390b46 33725->33726 33727 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33726->33727 33728 7ff61d390d5b 33727->33728 33729 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33728->33729 33730 7ff61d390d9b 33729->33730 33731 7ff61d390e72 GetSystemInfo 33730->33731 33732 7ff61d382130 2 API calls 33731->33732 33733 7ff61d390e9e 33732->33733 33760 7ff61d3ba558 33733->33760 33736 7ff61d391890 78 API calls 33737 7ff61d390f68 CreateEventW CreateEventW CreateEventW 33736->33737 33738 7ff61d3a0100 116 API calls 33737->33738 33739 7ff61d3815e9 33738->33739 33741 7ff61d3819d0 57 API calls 33740->33741 33742 7ff61d3a750c 33741->33742 33743 7ff61d3a7817 33742->33743 33769 7ff61d3ad590 33742->33769 33744 7ff61d381810 2 API calls 33743->33744 33745 7ff61d3a7822 33744->33745 33748 7ff61d3819d0 57 API calls 33749 7ff61d3a7550 33748->33749 33750 7ff61d3a780d 33749->33750 33751 7ff61d3a755c 33749->33751 33752 7ff61d381810 2 API calls 33750->33752 33753 7ff61d3a7596 33751->33753 33781 7ff61d38aca0 12 API calls 2 library calls 33751->33781 33752->33743 33756 7ff61d3a75be 17 API calls 33753->33756 33757 7ff61d3a7740 LoadLibraryW 33753->33757 33759 7ff61d3908bd 33753->33759 33755 7ff61d3a7588 33782 7ff61d38aca0 12 API calls 2 library calls 33755->33782 33756->33759 33757->33759 33759->33655 33762 7ff61d3ba575 33760->33762 33763 7ff61d390ec1 8 API calls 33762->33763 33765 7ff61d3ba57a 33762->33765 33767 7ff61d3ba5c6 33762->33767 33763->33736 33764 7ff61d3ba584 33788 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 33764->33788 33765->33763 33787 7ff61d3ba420 11 API calls _set_errno_from_matherr 33765->33787 33767->33763 33789 7ff61d3ba420 11 API calls _set_errno_from_matherr 33767->33789 33770 7ff61d3ad63e 33769->33770 33771 7ff61d3ad680 33769->33771 33770->33771 33783 7ff61d38d130 61 API calls 4 library calls 33770->33783 33774 7ff61d3ad6c2 BuildCatchObjectHelperInternal 33771->33774 33784 7ff61d3ad8e0 61 API calls 4 library calls 33771->33784 33778 7ff61d3ad81f 33774->33778 33785 7ff61d38d130 61 API calls 4 library calls 33774->33785 33776 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33777 7ff61d3a7534 33776->33777 33777->33748 33778->33778 33779 7ff61d3ad874 BuildCatchObjectHelperInternal 33778->33779 33786 7ff61d3ad8e0 61 API calls 4 library calls 33778->33786 33779->33776 33781->33755 33782->33753 33783->33770 33784->33774 33785->33774 33786->33779 33787->33764 33788->33763 33789->33764 33791 7ff61d38147d GetModuleHandleW 33790->33791 33792 7ff61d38b750 50 API calls std::_Throw_Cpp_error 33791->33792 33792->33643 33794 7ff61d3819d0 57 API calls 33793->33794 33795 7ff61d38b7e0 33794->33795 33796 7ff61d38b8f2 33795->33796 33797 7ff61d38b7ec 33795->33797 33798 7ff61d381810 2 API calls 33796->33798 33806 7ff61d38cc10 RegCreateKeyExW 33797->33806 33799 7ff61d38b8fc 33798->33799 33801 7ff61d38b816 33802 7ff61d3829a0 68 API calls 33801->33802 33803 7ff61d38b8d5 33802->33803 33804 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33803->33804 33805 7ff61d3815c9 33804->33805 33807 7ff61d38ccb5 33806->33807 33808 7ff61d38cc6d RegQueryValueExW 33806->33808 33811 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33807->33811 33809 7ff61d38ccaf RegCloseKey 33808->33809 33810 7ff61d38ccca RegCloseKey 33808->33810 33809->33807 33813 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33810->33813 33812 7ff61d38ccc4 33811->33812 33812->33801 33814 7ff61d38ccdf 33813->33814 33814->33801 33815 7ff61d3863c0 33816 7ff61d3819d0 57 API calls 33815->33816 33817 7ff61d3863e2 33816->33817 33818 7ff61d38644a 33817->33818 33822 7ff61d3826a0 49 API calls 33817->33822 33819 7ff61d381810 2 API calls 33818->33819 33820 7ff61d386969 33819->33820 33821 7ff61d381810 2 API calls 33820->33821 33823 7ff61d386974 33821->33823 33822->33818 33824 7ff61d388550 33823->33824 33830 7ff61d3ba31c 47 API calls _invalid_parameter_noinfo_noreturn 33823->33830 33831 7ff61d39975d 33832 7ff61d384d30 102 API calls 33831->33832 33833 7ff61d399764 EnterCriticalSection 33832->33833 33840 7ff61d3a0010 13 API calls std::_Throw_Cpp_error 33833->33840 33835 7ff61d39977e LeaveCriticalSection 33837 7ff61d39fdb7 33835->33837 33838 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33837->33838 33839 7ff61d39fdc6 33838->33839 33840->33835 33841 7ff61d3a9870 33842 7ff61d3a9890 33841->33842 33876 7ff61d38ea90 33842->33876 33845 7ff61d3819d0 57 API calls 33846 7ff61d3a98b4 33845->33846 33847 7ff61d3a9b6a 33846->33847 33849 7ff61d3a98d8 __scrt_get_show_window_mode 33846->33849 33852 7ff61d3a9961 33846->33852 33848 7ff61d381810 2 API calls 33847->33848 33850 7ff61d3a9b75 33848->33850 33851 7ff61d3a98e9 GetModuleHandleW GetModuleFileNameW 33849->33851 33853 7ff61d3a990c 33851->33853 33854 7ff61d3826a0 49 API calls 33852->33854 33853->33852 33856 7ff61d3a9988 33854->33856 33855 7ff61d3a9b5f 33857 7ff61d381810 2 API calls 33855->33857 33856->33855 33858 7ff61d382630 49 API calls 33856->33858 33859 7ff61d3a99da 33856->33859 33857->33847 33858->33859 33859->33855 33859->33859 33860 7ff61d3a9a18 GetFileAttributesW 33859->33860 33861 7ff61d3a9a2f 33860->33861 33862 7ff61d3a9af6 33860->33862 33863 7ff61d3819d0 57 API calls 33861->33863 33864 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33862->33864 33865 7ff61d3a9a70 33863->33865 33866 7ff61d3a9b3d 33864->33866 33867 7ff61d3a9b55 33865->33867 33868 7ff61d3a9a7c 33865->33868 33869 7ff61d381810 2 API calls 33867->33869 33870 7ff61d3a9aac 33868->33870 33871 7ff61d3a9a9d 33868->33871 33869->33855 33874 7ff61d3826a0 49 API calls 33870->33874 34086 7ff61d3823c0 56 API calls wmemcpy_s 33871->34086 33873 7ff61d3a9aaa 33919 7ff61d38d810 33873->33919 33874->33873 33877 7ff61d38eabe 33876->33877 33878 7ff61d38ead5 33876->33878 34087 7ff61d38aca0 12 API calls 2 library calls 33877->34087 33880 7ff61d3819d0 57 API calls 33878->33880 33891 7ff61d38eae5 33878->33891 33882 7ff61d38eaf1 33880->33882 33881 7ff61d38eac5 34088 7ff61d38aca0 12 API calls 2 library calls 33881->34088 33885 7ff61d38ee1a 33882->33885 33886 7ff61d38eafd 33882->33886 33883 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33887 7ff61d38ebb7 33883->33887 33888 7ff61d381810 2 API calls 33885->33888 33889 7ff61d38eb2b 33886->33889 34089 7ff61d38aca0 12 API calls 2 library calls 33886->34089 33887->33845 33893 7ff61d38ee24 33888->33893 33889->33891 33892 7ff61d38eb3b CoInitializeEx CoCreateInstance 33889->33892 33891->33883 33895 7ff61d38eb72 33892->33895 33896 7ff61d38ebcc VariantInit VariantInit VariantInit VariantInit 33892->33896 33894 7ff61d38eb1b 34090 7ff61d38aca0 12 API calls 2 library calls 33894->34090 33898 7ff61d3829a0 68 API calls 33895->33898 33899 7ff61d38eca3 VariantClear VariantClear VariantClear VariantClear 33896->33899 33898->33891 33900 7ff61d38ecff 33899->33900 33901 7ff61d38ecd7 33899->33901 33902 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33900->33902 33903 7ff61d3829a0 68 API calls 33901->33903 33904 7ff61d38ed0d 33902->33904 33905 7ff61d38ecea CoUninitialize 33903->33905 33906 7ff61d38ed1a SysAllocString 33904->33906 33908 7ff61d38ed4a 33904->33908 33905->33891 33906->33893 33906->33908 33908->33893 34091 7ff61d38d790 33908->34091 33910 7ff61d38ed7a 33910->33905 33911 7ff61d38ed82 33910->33911 33912 7ff61d38edf9 CoUninitialize 33911->33912 33913 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33911->33913 33912->33891 33914 7ff61d38ed96 33913->33914 33915 7ff61d38eda3 SysAllocString 33914->33915 33917 7ff61d38edcf 33914->33917 33915->33893 33915->33917 33917->33893 33918 7ff61d38d790 SysFreeString 33917->33918 33918->33912 33920 7ff61d3819d0 57 API calls 33919->33920 33924 7ff61d38d84d 33920->33924 33921 7ff61d381810 2 API calls 33922 7ff61d38ea5f 33921->33922 33926 7ff61d381810 2 API calls 33922->33926 33923 7ff61d38d891 33925 7ff61d38d8ac CoInitializeEx 33923->33925 34083 7ff61d38df39 33923->34083 33924->33923 33994 7ff61d38ea28 33924->33994 34110 7ff61d38aca0 12 API calls 2 library calls 33924->34110 33928 7ff61d38d8bf 33925->33928 33929 7ff61d38d8dc CoCreateInstance 33925->33929 33930 7ff61d38ea6a 33926->33930 34112 7ff61d38aca0 12 API calls 2 library calls 33928->34112 33933 7ff61d38d9e7 VariantInit VariantInit VariantInit VariantInit 33929->33933 33934 7ff61d38d917 LoadStringW 33929->33934 33940 7ff61d381810 2 API calls 33930->33940 33931 7ff61d38d881 34111 7ff61d38aca0 12 API calls 2 library calls 33931->34111 33942 7ff61d38dae3 VariantClear VariantClear VariantClear VariantClear 33933->33942 33938 7ff61d38d98d 33934->33938 33939 7ff61d38d93d 33934->33939 33936 7ff61d38d8c6 34113 7ff61d38aca0 12 API calls 2 library calls 33936->34113 33937 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 33943 7ff61d38e0ab 33937->33943 33946 7ff61d3829a0 68 API calls 33938->33946 33944 7ff61d38d946 LoadLibraryW 33939->33944 33945 7ff61d38d95a GetModuleHandleW LoadStringW 33939->33945 33963 7ff61d38ea75 33940->33963 33948 7ff61d38db18 LoadStringW 33942->33948 33949 7ff61d38dbea 33942->33949 33943->33862 33944->33945 33945->33938 33950 7ff61d38d985 33945->33950 33951 7ff61d38d9aa 33946->33951 33947 7ff61d38d8d5 33947->33929 33953 7ff61d38db3e 33948->33953 33954 7ff61d38db8d 33948->33954 33952 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33949->33952 33950->33938 33959 7ff61d38d9c6 MessageBoxW 33951->33959 33951->34083 33955 7ff61d38dbfb 33952->33955 33956 7ff61d38db46 LoadLibraryW 33953->33956 33957 7ff61d38db5a GetModuleHandleW LoadStringW 33953->33957 33958 7ff61d3829a0 68 API calls 33954->33958 33960 7ff61d38dc08 SysAllocString 33955->33960 33965 7ff61d38dc38 33955->33965 33956->33957 33957->33954 33961 7ff61d38db85 33957->33961 33962 7ff61d38dbaa 33958->33962 33959->34083 33960->33965 33980 7ff61d38e9d7 33960->33980 33961->33954 33964 7ff61d38dbc2 MessageBoxW 33962->33964 34005 7ff61d38dbde CoUninitialize 33962->34005 33964->34005 33966 7ff61d38d790 SysFreeString 33965->33966 33965->33994 33968 7ff61d38dc6e 33966->33968 33969 7ff61d38dc76 33968->33969 33970 7ff61d38dd4c 33968->33970 33973 7ff61d38dc92 LoadStringW 33969->33973 33969->34005 33971 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 33970->33971 33972 7ff61d38dd56 33971->33972 33974 7ff61d38dd63 SysAllocString 33972->33974 33983 7ff61d38dd93 33972->33983 33975 7ff61d38dd07 33973->33975 33976 7ff61d38dcb8 33973->33976 33974->33980 33974->33983 33979 7ff61d3829a0 68 API calls 33975->33979 33977 7ff61d38dcc0 LoadLibraryW 33976->33977 33978 7ff61d38dcd4 GetModuleHandleW LoadStringW 33976->33978 33977->33978 33978->33975 33981 7ff61d38dcff 33978->33981 33982 7ff61d38dd24 MessageBoxW 33979->33982 34118 7ff61d3ba420 11 API calls _set_errno_from_matherr 33980->34118 33981->33975 33982->34005 33985 7ff61d38d790 SysFreeString 33983->33985 33983->33994 33987 7ff61d38ddc2 33985->33987 33986 7ff61d38ea13 34119 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 33986->34119 33991 7ff61d38ddf6 33987->33991 33992 7ff61d38dec7 33987->33992 33989 7ff61d38e5de 33990 7ff61d381810 2 API calls 33989->33990 33990->33994 33993 7ff61d38de12 LoadStringW 33991->33993 33991->34005 34002 7ff61d38dee8 33992->34002 34006 7ff61d38df58 33992->34006 33995 7ff61d38de89 33993->33995 33996 7ff61d38de39 33993->33996 33994->33921 33997 7ff61d3829a0 68 API calls 33995->33997 33998 7ff61d38de41 LoadLibraryW 33996->33998 33999 7ff61d38de55 GetModuleHandleW LoadStringW 33996->33999 34001 7ff61d38de9f MessageBoxW 33997->34001 33998->33999 33999->33995 34000 7ff61d38de81 33999->34000 34000->33995 34001->34005 34003 7ff61d3829a0 68 API calls 34002->34003 34002->34083 34004 7ff61d38df1d MessageBoxW 34003->34004 34004->34083 34005->34083 34008 7ff61d38df7f 34006->34008 34009 7ff61d38e0c7 34006->34009 34007 7ff61d3829a0 68 API calls 34010 7ff61d38e038 MessageBoxW 34007->34010 34008->34005 34008->34007 34011 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34009->34011 34010->34005 34012 7ff61d38e0d1 34011->34012 34013 7ff61d38e0de SysAllocString 34012->34013 34014 7ff61d38e10e 34012->34014 34013->33980 34013->34014 34014->33994 34015 7ff61d38d790 SysFreeString 34014->34015 34017 7ff61d38e13d 34015->34017 34016 7ff61d3829a0 68 API calls 34016->34017 34017->34005 34017->34016 34018 7ff61d38e28e 34017->34018 34019 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34018->34019 34020 7ff61d38e2d8 34019->34020 34021 7ff61d38e2e5 SysAllocString 34020->34021 34022 7ff61d38e315 34020->34022 34021->33980 34021->34022 34022->33994 34023 7ff61d38d790 SysFreeString 34022->34023 34024 7ff61d38e342 34023->34024 34025 7ff61d3829a0 68 API calls 34024->34025 34028 7ff61d38e397 34024->34028 34026 7ff61d38e363 34025->34026 34027 7ff61d38e37b MessageBoxW 34026->34027 34026->34028 34027->34028 34029 7ff61d3819d0 57 API calls 34028->34029 34030 7ff61d38e46b 34029->34030 34030->33922 34031 7ff61d38e496 34030->34031 34032 7ff61d38e4a8 34030->34032 34114 7ff61d3823c0 56 API calls wmemcpy_s 34031->34114 34034 7ff61d3826a0 49 API calls 34032->34034 34035 7ff61d38e4a6 34034->34035 34036 7ff61d3819d0 57 API calls 34035->34036 34037 7ff61d38e4d5 34036->34037 34037->33930 34038 7ff61d38e500 34037->34038 34039 7ff61d38e511 34037->34039 34115 7ff61d3823c0 56 API calls wmemcpy_s 34038->34115 34041 7ff61d3826a0 49 API calls 34039->34041 34048 7ff61d38e50f 34041->34048 34042 7ff61d38e62d 34044 7ff61d3859f0 49 API calls 34042->34044 34043 7ff61d3829a0 68 API calls 34043->34042 34045 7ff61d38e639 34044->34045 34046 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34045->34046 34047 7ff61d38e643 34046->34047 34049 7ff61d38e650 SysAllocString 34047->34049 34051 7ff61d38e67f 34047->34051 34048->33989 34050 7ff61d38e597 34048->34050 34052 7ff61d382630 49 API calls 34048->34052 34054 7ff61d38e5e3 BuildCatchObjectHelperInternal 34048->34054 34049->34051 34050->33980 34053 7ff61d38e5ce 34050->34053 34050->34054 34051->33980 34051->33994 34057 7ff61d38d790 SysFreeString 34051->34057 34052->34050 34116 7ff61d3ba420 11 API calls _set_errno_from_matherr 34053->34116 34054->33989 34054->34042 34054->34043 34056 7ff61d38e5d3 34117 7ff61d3ba2fc 47 API calls _invalid_parameter_noinfo_noreturn 34056->34117 34059 7ff61d38e6b7 34057->34059 34060 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34059->34060 34061 7ff61d38e6c1 34060->34061 34062 7ff61d38e6d5 SysAllocString 34061->34062 34063 7ff61d38e6fd 34061->34063 34062->34063 34063->33980 34063->33994 34064 7ff61d38e719 34063->34064 34065 7ff61d38d790 SysFreeString 34064->34065 34066 7ff61d38e734 34065->34066 34067 7ff61d38e754 SysAllocString 34066->34067 34068 7ff61d38e745 34066->34068 34067->33963 34069 7ff61d38e77e VariantInit 34067->34069 34070 7ff61d3829a0 68 API calls 34068->34070 34095 7ff61d3aff30 34069->34095 34072 7ff61d38e909 34070->34072 34076 7ff61d38e921 MessageBoxW 34072->34076 34077 7ff61d38e93d CoUninitialize 34072->34077 34073 7ff61d38e7be 34074 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34073->34074 34075 7ff61d38e813 34074->34075 34078 7ff61d38e820 SysAllocString 34075->34078 34080 7ff61d38e850 34075->34080 34076->34077 34077->34083 34078->33994 34078->34080 34080->33963 34081 7ff61d38d790 SysFreeString 34080->34081 34083->33937 34086->33873 34087->33881 34088->33878 34089->33894 34090->33889 34092 7ff61d38d7c9 34091->34092 34093 7ff61d38d7a5 34091->34093 34092->33910 34093->34092 34094 7ff61d38d7bc SysFreeString 34093->34094 34094->34092 34096 7ff61d3aff60 34095->34096 34097 7ff61d3aff7f 34095->34097 34098 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 34096->34098 34100 7ff61d3aff9f MultiByteToWideChar 34097->34100 34107 7ff61d3b0058 __vcrt_freefls 34097->34107 34099 7ff61d3aff6e 34098->34099 34099->34073 34101 7ff61d3b0083 GetLastError 34100->34101 34103 7ff61d3affcc 34100->34103 34102 7ff61d3b008d __vcrt_freefls 34101->34102 34104 7ff61d3b00ae GetLastError 34102->34104 34105 7ff61d3b0025 MultiByteToWideChar 34103->34105 34103->34107 34108 7ff61d3b00b8 34104->34108 34105->34102 34106 7ff61d3b0043 SysAllocString 34105->34106 34106->34107 34107->34101 34109 7ff61d3b0065 34107->34109 34108->34073 34109->34073 34110->33931 34111->33923 34112->33936 34113->33947 34114->34035 34115->34048 34116->34056 34117->33989 34118->33986 34119->33989 34120 7ff61d3c20d1 34132 7ff61d3c1e24 34120->34132 34137 7ff61d3c4a08 47 API calls 3 library calls 34132->34137 34134 7ff61d3c1e2d 34138 7ff61d3c1db4 47 API calls 2 library calls 34134->34138 34137->34134 34139 7ff61d38d3b0 RegOpenKeyExW 34140 7ff61d38d441 34139->34140 34141 7ff61d38d3fd RegQueryValueExW 34139->34141 34144 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 34140->34144 34142 7ff61d38d45b RegCloseKey 34141->34142 34143 7ff61d38d43b RegCloseKey 34141->34143 34142->34140 34143->34140 34145 7ff61d38d450 34144->34145 34146 7ff61d38ee50 34147 7ff61d38ee8e 34146->34147 34148 7ff61d38eea5 34146->34148 34176 7ff61d38aca0 12 API calls 2 library calls 34147->34176 34149 7ff61d38eeb9 CoInitializeEx CoCreateInstance 34148->34149 34150 7ff61d38f00c 34148->34150 34153 7ff61d38f006 CoUninitialize 34149->34153 34154 7ff61d38eefa VariantInit VariantInit VariantInit VariantInit 34149->34154 34156 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 34150->34156 34152 7ff61d38ee95 34177 7ff61d38aca0 12 API calls 2 library calls 34152->34177 34153->34150 34157 7ff61d38efca VariantClear VariantClear VariantClear VariantClear 34154->34157 34158 7ff61d38f01d 34156->34158 34159 7ff61d38f039 34157->34159 34160 7ff61d38effc 34157->34160 34161 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34159->34161 34160->34153 34162 7ff61d38f047 34161->34162 34163 7ff61d38f053 SysAllocString 34162->34163 34165 7ff61d38f080 34162->34165 34164 7ff61d38f25d 34163->34164 34163->34165 34165->34164 34166 7ff61d38d790 SysFreeString 34165->34166 34167 7ff61d38f0ae 34166->34167 34167->34153 34173 7ff61d38f0e8 34167->34173 34168 7ff61d38f15c VariantClear 34168->34173 34169 7ff61d38f21a SysFreeString 34171 7ff61d38f246 CoUninitialize 34169->34171 34171->34150 34172 7ff61d3b8dbc 53 API calls 34172->34173 34173->34168 34173->34169 34173->34172 34175 7ff61d38f1fa SysFreeString 34173->34175 34175->34173 34176->34152 34177->34148 34178 7ff61d389a30 RegCreateKeyExW 34179 7ff61d389a95 RegDeleteValueW 34178->34179 34180 7ff61d389acb 34178->34180 34181 7ff61d389ac0 RegCloseKey 34179->34181 34182 7ff61d389aab 34179->34182 34183 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 34180->34183 34181->34180 34182->34181 34184 7ff61d389adb 34183->34184 34185 7ff61d3a1d90 34186 7ff61d3a1de0 CreateFileW 34185->34186 34187 7ff61d3a1e17 GetLastError 34186->34187 34188 7ff61d3a1e38 WriteFile 34186->34188 34189 7ff61d3a1e26 Sleep 34187->34189 34197 7ff61d3a1f1b 34187->34197 34190 7ff61d3819d0 57 API calls 34188->34190 34189->34186 34189->34188 34208 7ff61d3a1e5f 34190->34208 34191 7ff61d3a23b6 34194 7ff61d381810 2 API calls 34191->34194 34192 7ff61d3af660 std::_Throw_Cpp_error 8 API calls 34193 7ff61d3a2391 34192->34193 34195 7ff61d3a23c1 34194->34195 34199 7ff61d381810 2 API calls 34195->34199 34196 7ff61d3a2346 FlushFileBuffers SetEndOfFile 34196->34197 34198 7ff61d3a235d FindCloseChangeNotification 34196->34198 34197->34192 34198->34197 34200 7ff61d3a23cc 34199->34200 34201 7ff61d381810 2 API calls 34200->34201 34202 7ff61d3a23d7 34201->34202 34203 7ff61d382540 49 API calls 34203->34208 34204 7ff61d3859f0 49 API calls 34204->34208 34205 7ff61d3819d0 57 API calls 34205->34208 34206 7ff61d3a23ac 34207 7ff61d381810 2 API calls 34206->34207 34207->34191 34208->34191 34208->34195 34208->34196 34208->34200 34208->34203 34208->34204 34208->34205 34208->34206 34209 7ff61d382630 49 API calls 34208->34209 34210 7ff61d3829a0 68 API calls 34208->34210 34211 7ff61d3a21eb WriteFile 34208->34211 34212 7ff61d3826a0 49 API calls 34208->34212 34214 7ff61d3a2198 WriteFile 34208->34214 34216 7ff61d382260 50 API calls 34208->34216 34209->34208 34210->34208 34211->34208 34213 7ff61d3a22b8 34211->34213 34212->34208 34213->34197 34215 7ff61d3a22bd CloseHandle 34213->34215 34214->34208 34214->34213 34215->34197 34216->34208 34217 7ff61d386c90 RegCreateKeyExW 34218 7ff61d386ce7 RegSetValueExW 34217->34218 34219 7ff61d386d20 34217->34219 34220 7ff61d386d1a RegCloseKey 34218->34220 34221 7ff61d386ec0 RegCloseKey 34218->34221 34222 7ff61d386d23 RegCreateKeyExW 34219->34222 34220->34219 34221->34222 34223 7ff61d386d66 RegSetValueExW 34222->34223 34224 7ff61d386d9f 34222->34224 34225 7ff61d386d99 RegCloseKey 34223->34225 34226 7ff61d386ece RegCloseKey 34223->34226 34227 7ff61d386da1 RegCreateKeyExW 34224->34227 34225->34224 34226->34227 34228 7ff61d386e29 34227->34228 34229 7ff61d386de7 RegSetValueExW 34227->34229 34232 7ff61d386e2b RegCreateKeyExW 34228->34232 34230 7ff61d386edb RegCloseKey 34229->34230 34231 7ff61d386e23 RegCloseKey 34229->34231 34230->34232 34231->34228 34233 7ff61d386eac 34232->34233 34234 7ff61d386e6e RegSetValueExW 34232->34234 34235 7ff61d386ee6 RegCloseKey 34234->34235 34236 7ff61d386ea6 RegCloseKey 34234->34236 34236->34233 34237 7ff61d385fd0 34238 7ff61d3819d0 57 API calls 34237->34238 34239 7ff61d385ff3 34238->34239 34240 7ff61d3861c9 34239->34240 34243 7ff61d385fff 34239->34243 34241 7ff61d381810 2 API calls 34240->34241 34242 7ff61d3861d3 34241->34242 34244 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34243->34244 34245 7ff61d38605e 34244->34245 34246 7ff61d3af39c std::_Throw_Cpp_error 61 API calls 34245->34246 34247 7ff61d386078 34246->34247 34248 7ff61d3886a0 77 API calls 34247->34248 34249 7ff61d386092 34248->34249 34255 7ff61d383120 34249->34255 34252 7ff61d3886a0 77 API calls 34253 7ff61d3860bd 34252->34253 34254 7ff61d386186 CreateEventW CreateEventW 34253->34254 34256 7ff61d383151 __scrt_get_show_window_mode 34255->34256 34257 7ff61d383333 34256->34257 34259 7ff61d3819d0 57 API calls 34256->34259 34258 7ff61d383dc0 49 API calls 34257->34258 34260 7ff61d38333e 34258->34260 34263 7ff61d383166 34259->34263 34260->34252 34261 7ff61d381810 2 API calls 34262 7ff61d383373 34261->34262 34264 7ff61d3832db 34263->34264 34265 7ff61d3ba558 47 API calls 34263->34265 34279 7ff61d383368 34263->34279 34281 7ff61d383380 34264->34281 34267 7ff61d3831c1 34265->34267 34267->34264 34270 7ff61d3831e7 34267->34270 34268 7ff61d3832af 34269 7ff61d38330c GetFileAttributesW 34268->34269 34271 7ff61d38331a SHCreateDirectoryExW 34269->34271 34272 7ff61d383328 34269->34272 34274 7ff61d3826a0 49 API calls 34270->34274 34271->34272 34273 7ff61d383dc0 49 API calls 34272->34273 34273->34257 34275 7ff61d383208 34274->34275 34275->34268 34275->34269 34276 7ff61d38335e 34275->34276 34278 7ff61d38329a 34275->34278 34280 7ff61d382630 49 API calls 34275->34280 34277 7ff61d381810 2 API calls 34276->34277 34277->34279 34278->34268 34278->34276 34279->34261 34280->34278 34282 7ff61d3833b6 __scrt_get_show_window_mode 34281->34282 34283 7ff61d38b900 20 API calls 34282->34283 34284 7ff61d3833bb SHGetSpecialFolderPathW 34283->34284 34285 7ff61d3833ea 34284->34285 34288 7ff61d383560 34284->34288 34287 7ff61d3826a0 49 API calls 34285->34287 34286 7ff61d383557 34286->34268 34291 7ff61d383418 34287->34291 34288->34286 34289 7ff61d381810 2 API calls 34288->34289 34290 7ff61d3835e4 34289->34290 34291->34288 34292 7ff61d382630 49 API calls 34291->34292 34293 7ff61d38346d 34291->34293 34292->34293 34293->34288 34294 7ff61d3834fd 34293->34294 34295 7ff61d382630 49 API calls 34293->34295 34296 7ff61d383511 34293->34296 34294->34288 34294->34296 34295->34294 34297 7ff61d38353b GetFileAttributesW 34296->34297 34297->34286 34298 7ff61d383549 SHCreateDirectoryExW 34297->34298 34298->34286

                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                          Function 00007FF61D39255A Relevance: 323.2, APIs: 19, Strings: 163, Instructions: 4673sleepCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D384D30: GetUserDefaultUILanguage.KERNEL32 ref: 00007FF61D384D36
                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000226262E0000,?,?,00000000,?,00007FF61D399844), ref: 00007FF61D392566
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D392420: RegOpenKeyExW.KERNELBASE ref: 00007FF61D39245C
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D392420: RegQueryValueExW.KERNELBASE ref: 00007FF61D39249E
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D392420: RegCloseKey.KERNELBASE ref: 00007FF61D3924AD
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A35A0: CreateFileW.KERNEL32 ref: 00007FF61D3A363F
                                                                                                                                                                                                                                          • Sleep.KERNEL32 ref: 00007FF61D39258E
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3859F0: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D385ADF
                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D393FC8
                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D3940AC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AED78: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,00007FF61D3A043F), ref: 00007FF61D3AED8A
                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D394880
                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D394955
                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D3949D1
                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D394AC0
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3836D0: std::_Throw_Cpp_error.LIBCPMT ref: 00007FF61D383711
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3836D0: std::_Throw_Cpp_error.LIBCPMT ref: 00007FF61D38371C
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38BC30: MultiByteToWideChar.KERNEL32 ref: 00007FF61D38BC71
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38BC30: MultiByteToWideChar.KERNEL32 ref: 00007FF61D38BCB6
                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D396960
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D382630: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D382951
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D383EE0: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D383FB3
                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF61D399844), ref: 00007FF61D396DB9
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AED70: GetCurrentThreadId.KERNEL32 ref: 00007FF61D3AEDC1
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AED70: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00007FF61D3A013E), ref: 00007FF61D3AEDE0
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D399543
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D399569
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D39958F
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3995B5
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3995E8
                                                                                                                                                                                                                                          • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF61D399628
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CriticalSection$_invalid_parameter_noinfo$Enter$Leave$Cpp_errorThrow_std::_$ByteCharExclusiveLockMultiWide$AcquireCloseCreateCurrentDefaultFileHeapLanguageOpenProcessQueryReleaseSleepThreadUserValue
                                                                                                                                                                                                                                          • String ID: %d/$%s,%d$%s;%1.2f;%u;%u;%u$%s;%d;%d;%1.2f;%d;%c$,%d$0x%x$Administration$Advanced$AdvancedRules$AllowedProcesses$ApplyInstanceCountLimitsToAllUsers$AutomaticUpdate$BalloonTipDuration$BoostForegroundProcess$BoostOnlyNormal$CPULimitRules$CPUSets$ChangeTrayIconOnRestraint$ClearLogAtExit$ClearStandbyFreeRAMThresholdMB$ClearStandbyOnlyInPerfMode$ConfigPasswordMD5$DefaultAffinitiesEx$DefaultIOPriorities$DefaultMemoryPriorities$DefaultPriorities$DefaultsLevel$DisableProBalanceIfSysIdleThisManyMS$DisableProBalanceWhenSysIdle$DisableThreadPriorityBoost$DisallowedProcesses$DivideCPUPercentThresholdsBySystemCPUCount$DoNotAdjustAffinityIfCustomized$DoNotLowerPriorityClass$ERROR$EfficiencyMode$EnableSystemTrayNotification$ExcludeChildrenOfForeground$ExcludeForegroundProcesses2$ExcludeServices$ExitOnCloseWindow$ForcedMode$ForegroundBoostExclusions$ForegroundBoostPriorityClass$ForegroundBoosting$GUI$GracefulWaitTimeInMs$GraphShowTooltips$IgnoreProblematicProcesses$IgnoreSuspendedProcesses$IncludeCommandLines$InstanceLimitedProcesses$InstanceManagedCPUAffinities$IsConfigWritable$KeepRunningProcesses$LogCPULimiter$LogCPUSets$LogDefaultAffinityAdjustments$LogDefaultPriorityAdjustments$LogDisable$LogEfficiencyMode$LogGroupExtender$LogInstanceLimitTerminations$LogPowerProfileChanges$LogProBalanceBegin$LogProBalanceEnd$LogProBalanceParkingChanges$LogProcessExecutions$LogProcessTerminations$LogProcessesDisallowed$LogSmartTrim$Logging$LowerIOPriorityDuringRestraint$LowerToIdleInsteadOfBelowNormal$ManageOnlyCurrentUser$MatchExclusionsByPathnameToo$MatchOnCommandLine$MatchWildcardsToPathnames$MaximumTimeOfRestraint$MemoryManagement$MinimumProcessWSSInMb$MinimumTimeOfRestraint$NamedAffinities$OneTimeProcessThrottles$OocDisableCoreParkingWhileIn$OocExclusions$OocHardCodedExclusionOverrides$OocOn$OutOfControlProcessRestraint$P$P$PerProcessUsageBeforeRestraint$PerProcessUsageForRestore$Performance$PlayOnRestore$PlayOnRestraint$PlaySoundOnRestore$PlaySoundOnRestraint$ProBalanceCountersOnGraph$ProBalanceDropOneRandomCore$ProcessAllowances$ProcessDefaults$ProcessThrottles$ProcessorGroupExtended$RestrainByAffinity$RestraintAffinity$Sampling$SamplingEnabled$SamplingExcludePattern$SamplingIncludePattern$SamplingIntervalSeconds$SamplingOutputPath$SetTimerResolutionAtStartup$ShowBalloonsForOocPriorityRestoration$ShowCPUCoreUtilGraphs$ShowCPUUtilityAsPrimary$ShowGraphCPU$ShowGraphLegend$ShowGraphLicenseName$ShowGraphMemoryLoad$ShowGraphProBalanceEvents$ShowGraphResponsiveness$ShowGraphSelectedProcessesCPUHistory$ShowPowerProfile$ShowProcessIcons$ShowResponsivnessInTrayInsteadOfProcessorUsage$SmartTrimAutoMinimumRAMLoad$SmartTrimClearFileCache$SmartTrimClearStandbyList$SmartTrimExclusions$SmartTrimIntervalMins$SmartTrimIsEnabled$SmartTrimWorkingSetTrims$Software\ProcessLasso$SoundsOff$SysTrayBalloons$SystemTrayIcon$TameOnlyNormal$TimeOverQuotaBeforeRestraint$TotalProcessorUsageBeforeRestraint$UpdateSpeedCore$UpdateSpeedGUI$UseEfficiencyMode$UseStaticIcon$Version$false$true$$&$4$6$B$B$F$R$V$\$b$h$r$~$$
                                                                                                                                                                                                                                          • API String ID: 4041704673-4159761394
                                                                                                                                                                                                                                          • Opcode ID: 609c7fa08d0b71a9fc305728d67eae8276ec9982a116693d16d0214d5b69de10
                                                                                                                                                                                                                                          • Instruction ID: e8ee6bce39838852d7a9a672b69ba92874a74c7e60dccb4b864849eb162966d5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 609c7fa08d0b71a9fc305728d67eae8276ec9982a116693d16d0214d5b69de10
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1DB36536A09F8695EB509F24D8802EDB3A4FB46B68F404236E64D877A9FF3CD645C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D386F5A Relevance: 293.4, APIs: 90, Strings: 77, Instructions: 1190registryfilesynchronizationCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$Value$Open$DeleteQuery$File$Handle$Module$CreateLoad$AttributesEventNameString$ChangeCopyLibraryMutexNotifyObjectReleaseSingleTerminateThreadWaitWrite
                                                                                                                                                                                                                                          • String ID: %s\%s$%s\processlasso.exe$.Replacement$.docs_fmt0$.logtype9$ActionLogColumnOrders2$ActionLogColumnSizes2$ActiveProfile$AddedSessionAgentTask-0$AddedToSystemPath$AlreadyAddedSessionAgentTask$AlreadyAddedToSystemPath$BHPReinitDone$BitsumUserAgent.exe$ColorScheme$ColorScheme8$ColorScheme9$DarkMenubar$DarkStatusbarEnabled$ForegroundBoostPriorityClass$GvrServicePassword$GvrServiceUser$IconSetNumber$InstalledSessionAgent$LogDisabled$LogViewerCols$LogViewerColsFilter$MaxCSVLogFileSize$ProBalanceToday$Process Lasso$Process Lasso Core Engine Only$Process Lasso Management Console (GUI)$ProcessLasso$Session agent for Process Lasso$SetTimerResolutionAtStartup$Software\Bitsum\Language$Software\Process Lasso$Software\ProcessLasso$Software\ProcessLassoServerBitsum$Software\ProcessLasso\Counters\Dates$Software\ProcessLasso\listview_orders$Software\ProcessLasso\listview_sizes$UpdateCheckInterval$\$\$\QuickUpgrade.exe$action_log_column_orders$action_log_column_widths$active_column_order$active_column_sort_info$active_column_widths$autoupdated$bcleaner.exe$bitsumms.exe$fx1$fx2$highest-rights-marker$installhelper.exe.manifest$lassoinsights.exe$pkctrl.exe$pl_rsrc_dutch.dll$pl_rsrc_hungarian.dll$pl_rsrc_indonesian.dll$pl_rsrc_serbian.dll$pl_rsrc_serbian_latin.dll$pl_rsrc_temp.dll$pllogtocsv.exe$process_listview_column_order06070003$process_listview_column_widths06070003$processgovernor.exe.manifest$processgovernor.exe.manifest.highestavailablerights$processgovernor.exe.manifest.normal$processlasso.chm$processlasso.exe.manifest$processlasso.exe.manifest.highestavailablerights$processlasso.exe.manifest.normal$slv
                                                                                                                                                                                                                                          • API String ID: 3983166623-2033734318
                                                                                                                                                                                                                                          • Opcode ID: 06ff410154b8943c4958c09ba9237244400b5e37f7c0e2ffe2d515229363150f
                                                                                                                                                                                                                                          • Instruction ID: f76315f13efd8d0476ad4424ba58045665dd4e5c178b48445d7ff8796ab1f2fc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 06ff410154b8943c4958c09ba9237244400b5e37f7c0e2ffe2d515229363150f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8CD25576A14F8285EB61DF65E8402E9B3A5FB45FA4F804232DA4D877A8EF3CD154C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38D810 Relevance: 128.8, APIs: 51, Strings: 22, Instructions: 1060windowlibrarymemoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: LoadString$Variant$Message$AllocClearHandleInitLibraryModule$ConditionMask$CreateHeapInfoInitializeInstanceProcessUninitializeVerifyVersion
                                                                                                                                                                                                                                          • String ID: "%s"$Bitsum LLC$CTaskScheduler error: %xEFFECT: Can not set %s to start at login with elevated rights!$Can not set path of exe: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot create action: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot create trigger: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get identification pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get principal pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get setting info pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get settings pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get task collection ptr: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get triggers interface: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot put identification info: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot put principal run level: %xEFFECT: Can not set %s to start at login with elevated rights!$Error saving task: %xEFFECT: Can not set %s to start at login with elevated rights!$PT0S$QueryInterface call failed for IExecAction: %xEFFECT: Can not set %s to start at login with elevated rights!$QueryInterface call failed for ILogonTrigger:: %xEFFECT: Can not set %s to start at login with elevated rights!$S-1-5-32-545$Session agent for Process Lasso$Trigger1$ass
                                                                                                                                                                                                                                          • API String ID: 2026749160-631905513
                                                                                                                                                                                                                                          • Opcode ID: 7963f87eb8526db260bf2e6259f1a8477a7be9cde34281fe53076ebf35c0254c
                                                                                                                                                                                                                                          • Instruction ID: 477e8b4aac5d2da7800a122607653603d3eeaa9276a1608ce731687de2c3544a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7963f87eb8526db260bf2e6259f1a8477a7be9cde34281fe53076ebf35c0254c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 64B24E72A04F8286EB619F25D8442E9A3A0FF4AFA8F444236CA0DD7695FF7DE544D310
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A74E0 Relevance: 64.9, APIs: 18, Strings: 19, Instructions: 176libraryloaderCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2205 7ff61d3a74e0-7ff61d3a7512 call 7ff61d3819d0 2208 7ff61d3a7818-7ff61d3a7822 call 7ff61d381810 2205->2208 2209 7ff61d3a7518-7ff61d3a7556 call 7ff61d3ad590 call 7ff61d3819d0 2205->2209 2217 7ff61d3a780d-7ff61d3a7817 call 7ff61d381810 2209->2217 2218 7ff61d3a755c-7ff61d3a757f 2209->2218 2217->2208 2222 7ff61d3a7581-7ff61d3a7596 call 7ff61d38aca0 * 2 2218->2222 2223 7ff61d3a759d-7ff61d3a75a4 2218->2223 2222->2223 2225 7ff61d3a77fb 2223->2225 2226 7ff61d3a75aa-7ff61d3a75b8 2223->2226 2230 7ff61d3a77ff-7ff61d3a780c 2225->2230 2228 7ff61d3a75be-7ff61d3a773e LoadLibraryW GetProcAddress * 16 2226->2228 2229 7ff61d3a7740 LoadLibraryW 2226->2229 2232 7ff61d3a7746-7ff61d3a774e 2228->2232 2229->2232 2234 7ff61d3a77f5-7ff61d3a77f9 2232->2234 2235 7ff61d3a7754-7ff61d3a775c 2232->2235 2234->2230 2235->2234 2236 7ff61d3a7762-7ff61d3a776a 2235->2236 2236->2234 2237 7ff61d3a7770-7ff61d3a7778 2236->2237 2237->2234 2238 7ff61d3a777a-7ff61d3a7782 2237->2238 2238->2234 2239 7ff61d3a7784-7ff61d3a778c 2238->2239 2239->2234 2240 7ff61d3a778e-7ff61d3a7796 2239->2240 2240->2234 2241 7ff61d3a7798-7ff61d3a77a0 2240->2241 2241->2234 2242 7ff61d3a77a2-7ff61d3a77aa 2241->2242 2242->2234 2243 7ff61d3a77ac-7ff61d3a77b4 2242->2243 2243->2234 2244 7ff61d3a77b6-7ff61d3a77be 2243->2244 2244->2234 2245 7ff61d3a77c0-7ff61d3a77c8 2244->2245 2245->2234 2246 7ff61d3a77ca-7ff61d3a77d2 2245->2246 2246->2234 2247 7ff61d3a77d4-7ff61d3a77dc 2246->2247 2247->2234 2248 7ff61d3a77de-7ff61d3a77ea 2247->2248 2248->2230 2249 7ff61d3a77ec-7ff61d3a77f3 2248->2249 2249->2230
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                          • LoadLibraryW.KERNELBASE(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75C5
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75D8
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75EF
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7606
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A761D
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7634
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A764B
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7662
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7679
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7690
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76A7
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76BE
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76D5
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76EC
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7703
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A771A
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7731
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38ACA0: VerSetConditionMask.KERNEL32 ref: 00007FF61D38ACFC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38ACA0: VerSetConditionMask.KERNEL32 ref: 00007FF61D38AD0B
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38ACA0: VerSetConditionMask.KERNEL32 ref: 00007FF61D38AD1A
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38ACA0: VerifyVersionInfoW.KERNEL32 ref: 00007FF61D38AD3F
                                                                                                                                                                                                                                          • LoadLibraryW.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7740
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$ConditionMask$LibraryLoad$HeapInfoProcessVerifyVersion
                                                                                                                                                                                                                                          • String ID: ActiveOverlayAcPowerScheme$PowerDeleteScheme$PowerDuplicateScheme$PowerEnumerate$PowerGetActiveScheme$PowerGetActualOverlayScheme$PowerReadACValueIndex$PowerReadDCValueIndex$PowerReadFriendlyName$PowerReadPossibleValue$PowerSetActiveOverlayScheme$PowerSetActiveScheme$PowerWriteACValueIndex$PowerWriteDCValueIndex$PowerWriteDescription$PowerWriteFriendlyName$PowerWriteSettingAttributes$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes$powrprof.dll
                                                                                                                                                                                                                                          • API String ID: 4168483749-1175917334
                                                                                                                                                                                                                                          • Opcode ID: 8342a2d453c5da51e62f1991c086b8e8cd3a890482721ad8cb22c99d2842aa4b
                                                                                                                                                                                                                                          • Instruction ID: 06c557c4a88b5c8f1b0dd784638c03a47b904639406a12407be943cb9dcda5b1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8342a2d453c5da51e62f1991c086b8e8cd3a890482721ad8cb22c99d2842aa4b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8BA1E574A09F4281FE569BA6E9843B9F3A1AF06FA0F440235C45DC66B0FF7DA885C351
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38B050 Relevance: 54.5, APIs: 24, Strings: 7, Instructions: 273registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2250 7ff61d38b050-7ff61d38b082 2251 7ff61d38b084-7ff61d38b086 2250->2251 2252 7ff61d38b08b-7ff61d38b091 2250->2252 2253 7ff61d38b4c1-7ff61d38b4e5 call 7ff61d3af660 2251->2253 2254 7ff61d38b0a3-7ff61d38b0ae call 7ff61d3819d0 2252->2254 2255 7ff61d38b093-7ff61d38b0a0 call 7ff61d38adb0 2252->2255 2262 7ff61d38b0b4-7ff61d38b11d call 7ff61d3829a0 RegCreateKeyExW 2254->2262 2263 7ff61d38b4e6-7ff61d38b4f0 call 7ff61d381810 2254->2263 2255->2254 2269 7ff61d38b11f-7ff61d38b14c RegSetValueExW RegCloseKey 2262->2269 2270 7ff61d38b152-7ff61d38b190 RegCreateKeyExW 2262->2270 2269->2270 2271 7ff61d38b192-7ff61d38b1c1 RegSetValueExW RegCloseKey 2270->2271 2272 7ff61d38b1c7-7ff61d38b209 RegCreateKeyExW 2270->2272 2271->2272 2273 7ff61d38b240-7ff61d38b282 RegCreateKeyExW 2272->2273 2274 7ff61d38b20b-7ff61d38b23a RegSetValueExW RegCloseKey 2272->2274 2275 7ff61d38b284-7ff61d38b2b3 RegSetValueExW RegCloseKey 2273->2275 2276 7ff61d38b2b9-7ff61d38b2fb RegCreateKeyExW 2273->2276 2274->2273 2275->2276 2277 7ff61d38b332-7ff61d38b374 RegCreateKeyExW 2276->2277 2278 7ff61d38b2fd-7ff61d38b32c RegSetValueExW RegCloseKey 2276->2278 2279 7ff61d38b376-7ff61d38b3a5 RegSetValueExW RegCloseKey 2277->2279 2280 7ff61d38b3ab-7ff61d38b3f4 RegCreateKeyExW 2277->2280 2278->2277 2279->2280 2281 7ff61d38b425-7ff61d38b467 RegCreateKeyExW 2280->2281 2282 7ff61d38b3f6-7ff61d38b41f RegSetValueExW RegCloseKey 2280->2282 2283 7ff61d38b469-7ff61d38b49b RegSetValueExW RegCloseKey 2281->2283 2284 7ff61d38b49d 2281->2284 2282->2281 2285 7ff61d38b4a0-7ff61d38b4b1 2283->2285 2284->2285 2286 7ff61d38b4b3-7ff61d38b4b6 2285->2286 2287 7ff61d38b4bd 2285->2287 2286->2287 2287->2253
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseCreateValue
                                                                                                                                                                                                                                          • String ID: InstallerLanguage$InstallerLanguageDWORD$Language$ProcessLasso$SOFTWARE\ProcessLasso$Software\%s$Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 1818849710-2766884324
                                                                                                                                                                                                                                          • Opcode ID: 58c9f489a129afe088e8532a53f558595c06ad4315161c04e129007e7f002bdd
                                                                                                                                                                                                                                          • Instruction ID: 9777d1bd91b5703f80e7a6f6fb5b98b09a9a14998c72112467cf0048abd302b3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 58c9f489a129afe088e8532a53f558595c06ad4315161c04e129007e7f002bdd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4FD13276A18F518AE7609F60E44475DB7B4FB89BA8F400235EA5D83B68EF3CD548CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38FEF0 Relevance: 44.0, APIs: 22, Strings: 3, Instructions: 209registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2288 7ff61d38fef0-7ff61d38ff30 call 7ff61d3819d0 2291 7ff61d3902a4-7ff61d3902af call 7ff61d381810 2288->2291 2292 7ff61d38ff36-7ff61d38ff77 RegOpenKeyExW 2288->2292 2296 7ff61d38ffd4-7ff61d390002 RegOpenKeyExW 2292->2296 2297 7ff61d38ff79-7ff61d38ffb9 RegQueryValueExW 2292->2297 2300 7ff61d390261-7ff61d39026d 2296->2300 2301 7ff61d390008-7ff61d390048 RegQueryValueExW 2296->2301 2298 7ff61d38ffc3-7ff61d38ffce RegCloseKey 2297->2298 2299 7ff61d38ffbb-7ff61d38ffc1 RegCloseKey 2297->2299 2298->2296 2298->2300 2299->2296 2302 7ff61d39026f-7ff61d390272 2300->2302 2303 7ff61d390278-7ff61d3902a3 call 7ff61d3af660 2300->2303 2304 7ff61d39004e-7ff61d390059 RegCloseKey 2301->2304 2305 7ff61d39025a-7ff61d390260 RegCloseKey 2301->2305 2302->2303 2304->2300 2307 7ff61d39005f-7ff61d390063 2304->2307 2305->2300 2308 7ff61d390066-7ff61d39006e 2307->2308 2308->2308 2310 7ff61d390070-7ff61d3900c2 call 7ff61d3826a0 RegCreateKeyExW 2308->2310 2313 7ff61d390111-7ff61d39013a RegOpenKeyExW 2310->2313 2314 7ff61d3900c4-7ff61d3900c7 2310->2314 2316 7ff61d3901ba-7ff61d3901e2 RegOpenKeyExW 2313->2316 2317 7ff61d39013c-7ff61d390172 RegQueryValueExW RegCloseKey 2313->2317 2315 7ff61d3900d0-7ff61d3900d9 2314->2315 2315->2315 2318 7ff61d3900db-7ff61d39010b RegSetValueExW RegCloseKey 2315->2318 2316->2300 2320 7ff61d3901e4-7ff61d390218 RegQueryValueExW RegCloseKey 2316->2320 2317->2316 2319 7ff61d390174-7ff61d39019b RegOpenKeyExW 2317->2319 2318->2313 2319->2316 2321 7ff61d39019d-7ff61d3901b4 RegDeleteValueW RegCloseKey 2319->2321 2320->2300 2322 7ff61d39021a-7ff61d390241 RegOpenKeyExW 2320->2322 2321->2316 2322->2300 2323 7ff61d390243-7ff61d390255 RegDeleteValueW 2322->2323 2323->2305
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$Value$Open$Query$Delete$CreateHeapProcess
                                                                                                                                                                                                                                          • String ID: ConfigFolder$ConfigFolderEx$Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 1838264270-1791053950
                                                                                                                                                                                                                                          • Opcode ID: 4a8732ae61fb1e5e7160e33aa54e1160c69df76573f4a378cb5a9bb369cfab4d
                                                                                                                                                                                                                                          • Instruction ID: d2b85c7d89dbf70e5ca92d0f7feed045439c4504eb12e2c8d82d19851e55f550
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4a8732ae61fb1e5e7160e33aa54e1160c69df76573f4a378cb5a9bb369cfab4d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D4B11E36A08F5186E710DF64E4446ADB7B4FB89BA4F804236DA8D93B68EF7CD544CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D386C90 Relevance: 38.6, APIs: 16, Strings: 6, Instructions: 136registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$CreateValue
                                                                                                                                                                                                                                          • String ID: 14.0.3.3 BETA$DisplayVersion$SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ProcessLasso$Version$VersionMajor$VersionMinor
                                                                                                                                                                                                                                          • API String ID: 1009429713-2270248258
                                                                                                                                                                                                                                          • Opcode ID: edf2db8821a4d3a79d1ff8def5fd300a3b668e0461a7e38e0022a332657d428d
                                                                                                                                                                                                                                          • Instruction ID: b6e72abff06a74b0060d55111d639cf6e64fbfbc9a83ab526b8271b5fbac3b01
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: edf2db8821a4d3a79d1ff8def5fd300a3b668e0461a7e38e0022a332657d428d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7D615572618F4282E7208F25F44475AB7A4FB89BA4F941235E68D87B68EF3CD148DF44
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D390790 Relevance: 30.2, APIs: 12, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2379 7ff61d390790-7ff61d3908c9 call 7ff61d3cd4a0 * 5 call 7ff61d3af39c call 7ff61d3ada20 call 7ff61d3a74e0 call 7ff61d3819d0 2398 7ff61d3908cf-7ff61d3908eb call 7ff61d3819d0 2379->2398 2399 7ff61d391002-7ff61d39100c call 7ff61d381810 2379->2399 2403 7ff61d39100d-7ff61d391017 call 7ff61d381810 2398->2403 2408 7ff61d3908f1-7ff61d39090d call 7ff61d3819d0 2398->2408 2399->2403 2409 7ff61d391018-7ff61d391022 call 7ff61d381810 2403->2409 2408->2409 2416 7ff61d390913-7ff61d39092f call 7ff61d3819d0 2408->2416 2415 7ff61d391023-7ff61d39102d call 7ff61d381810 2409->2415 2420 7ff61d39102e-7ff61d391038 call 7ff61d381810 2415->2420 2416->2415 2426 7ff61d390935-7ff61d390951 call 7ff61d3819d0 2416->2426 2425 7ff61d391039-7ff61d391043 call 7ff61d381810 2420->2425 2430 7ff61d391044-7ff61d39104e call 7ff61d381810 2425->2430 2426->2420 2435 7ff61d390957-7ff61d390973 call 7ff61d3819d0 2426->2435 2436 7ff61d39104f-7ff61d391059 call 7ff61d381810 2430->2436 2435->2425 2443 7ff61d390979-7ff61d390995 call 7ff61d3819d0 2435->2443 2442 7ff61d39105a-7ff61d391064 call 7ff61d381810 2436->2442 2447 7ff61d391065-7ff61d39106f call 7ff61d381810 2442->2447 2443->2430 2452 7ff61d39099b-7ff61d3909c9 call 7ff61d3819d0 2443->2452 2453 7ff61d391070-7ff61d39107a call 7ff61d381810 2447->2453 2452->2436 2462 7ff61d3909cf-7ff61d3909eb call 7ff61d3819d0 2452->2462 2457 7ff61d39107b-7ff61d391085 call 7ff61d381810 2453->2457 2463 7ff61d391086-7ff61d391090 call 7ff61d381810 2457->2463 2462->2442 2470 7ff61d3909f1-7ff61d390a0d call 7ff61d3819d0 2462->2470 2468 7ff61d391091-7ff61d39109b call 7ff61d381810 2463->2468 2474 7ff61d39109c-7ff61d3910d4 call 7ff61d381810 call 7ff61d3a4fc0 2468->2474 2470->2447 2479 7ff61d390a13-7ff61d390a2f call 7ff61d3819d0 2470->2479 2479->2453 2485 7ff61d390a35-7ff61d390a51 call 7ff61d3819d0 2479->2485 2485->2457 2489 7ff61d390a57-7ff61d390a73 call 7ff61d3819d0 2485->2489 2489->2463 2493 7ff61d390a79-7ff61d390a95 call 7ff61d3819d0 2489->2493 2493->2468 2497 7ff61d390a9b-7ff61d390ab7 call 7ff61d3819d0 2493->2497 2497->2474 2501 7ff61d390abd-7ff61d390ad9 call 7ff61d3819d0 2497->2501 2505 7ff61d390adf-7ff61d390fe3 call 7ff61d3af39c * 2 call 7ff61d3aed5c call 7ff61d3af39c * 2 call 7ff61d3aed5c * 3 GetSystemInfo call 7ff61d382130 call 7ff61d3ba558 InitializeCriticalSection * 8 call 7ff61d391890 CreateEventW * 3 call 7ff61d3a0100 2501->2505 2506 7ff61d390ff7-7ff61d391001 call 7ff61d381810 2501->2506 2533 7ff61d390fe8-7ff61d390ff6 2505->2533 2506->2399
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: LoadLibraryW.KERNELBASE(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75C5
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75D8
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A75EF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7606
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A761D
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7634
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A764B
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7662
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7679
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A7690
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76A7
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76BE
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A74E0: GetProcAddress.KERNEL32(?,?,?,00007FF61D3908BD,?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D3A76D5
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3CC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3D2
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _set_fmode.LIBCMT ref: 00007FF61D3AF3EF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _RTC_Initialize.LIBCMT ref: 00007FF61D3AF410
                                                                                                                                                                                                                                          • GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390E8C
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3BA558: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3BA58B
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390EEA
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390EF7
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F04
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F11
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F1E
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F2B
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F38
                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F45
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D391890: RegCreateKeyExW.KERNELBASE ref: 00007FF61D391A1A
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D391890: RegQueryValueExW.KERNELBASE ref: 00007FF61D391A5C
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D391890: RegCloseKey.ADVAPI32 ref: 00007FF61D391A72
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390F99
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390FB4
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF61D3815E9), ref: 00007FF61D390FCF
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$Initialize$CriticalSection$Create$Event$Concurrency::cancel_current_task$CloseHeapInfoLibraryLoadProcessQuerySystemValue_invalid_parameter_noinfo_set_fmode
                                                                                                                                                                                                                                          • String ID: Lasso777$Lasso888_2$ProcessLasso$processlasso.exe${49da4c63-c475-4b6c-83f3-c78a9fe813c2}
                                                                                                                                                                                                                                          • API String ID: 3085513432-3393618270
                                                                                                                                                                                                                                          • Opcode ID: 7babea66c910eb5b01601c36cdbfc785b0ec165bf2f0d869bea3bd18d26006c3
                                                                                                                                                                                                                                          • Instruction ID: 6757a9149ae536af71fbfa859ca36b99a237d71543dbcf531f398385461375ba
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7babea66c910eb5b01601c36cdbfc785b0ec165bf2f0d869bea3bd18d26006c3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7342E332D19F5A81E6409B29EC81279F3A4BF9BF64F544239D58CD22A2FFBCA5508341
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38EA90 Relevance: 30.0, APIs: 14, Strings: 3, Instructions: 243memorycomCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2702 7ff61d38ea90-7ff61d38eabc 2703 7ff61d38eabe-7ff61d38ead5 call 7ff61d38aca0 * 2 2702->2703 2704 7ff61d38eadc-7ff61d38eae3 2702->2704 2703->2704 2706 7ff61d38eae5-7ff61d38eae7 2704->2706 2707 7ff61d38eaec-7ff61d38eaf7 call 7ff61d3819d0 2704->2707 2708 7ff61d38ebab-7ff61d38ebcb call 7ff61d3af660 2706->2708 2714 7ff61d38ee1a-7ff61d38ee24 call 7ff61d381810 2707->2714 2715 7ff61d38eafd-7ff61d38eb12 2707->2715 2723 7ff61d38ee25-7ff61d38ee2f call 7ff61d3aff20 2714->2723 2721 7ff61d38eb32-7ff61d38eb39 2715->2721 2722 7ff61d38eb14-7ff61d38eb2b call 7ff61d38aca0 * 2 2715->2722 2726 7ff61d38eb85 2721->2726 2727 7ff61d38eb3b-7ff61d38eb70 CoInitializeEx CoCreateInstance 2721->2727 2722->2721 2735 7ff61d38ee30-7ff61d38ee3a call 7ff61d3aff20 2723->2735 2728 7ff61d38eb87-7ff61d38eb9c 2726->2728 2731 7ff61d38eb72-7ff61d38eb80 call 7ff61d3829a0 2727->2731 2732 7ff61d38ebcc-7ff61d38ec9c VariantInit * 4 2727->2732 2733 7ff61d38eb9e-7ff61d38eba1 2728->2733 2734 7ff61d38eba8 2728->2734 2731->2726 2739 7ff61d38eca3-7ff61d38ecd5 VariantClear * 4 2732->2739 2733->2734 2734->2708 2745 7ff61d38ee3b-7ff61d38ee45 call 7ff61d3aff20 2735->2745 2742 7ff61d38ecff-7ff61d38ed18 call 7ff61d3af39c 2739->2742 2743 7ff61d38ecd7-7ff61d38ece5 call 7ff61d3829a0 2739->2743 2750 7ff61d38ed1a-7ff61d38ed44 SysAllocString 2742->2750 2751 7ff61d38ed4c 2742->2751 2749 7ff61d38ecea-7ff61d38ecfa CoUninitialize 2743->2749 2749->2726 2750->2723 2753 7ff61d38ed4a 2750->2753 2754 7ff61d38ed4f-7ff61d38ed57 2751->2754 2753->2754 2754->2745 2756 7ff61d38ed5d-7ff61d38ed7c call 7ff61d38d790 2754->2756 2756->2749 2760 7ff61d38ed82-7ff61d38ed8a 2756->2760 2761 7ff61d38edf9-7ff61d38ee15 CoUninitialize 2760->2761 2762 7ff61d38ed8c-7ff61d38eda1 call 7ff61d3af39c 2760->2762 2761->2728 2766 7ff61d38edd1 2762->2766 2767 7ff61d38eda3-7ff61d38edcd SysAllocString 2762->2767 2769 7ff61d38edd4-7ff61d38eddc 2766->2769 2767->2735 2768 7ff61d38edcf 2767->2768 2768->2769 2769->2745 2771 7ff61d38edde-7ff61d38edf4 call 7ff61d38d790 2769->2771 2771->2761
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • ITaskService::Connect failed: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!, xrefs: 00007FF61D38ECDA
                                                                                                                                                                                                                                          • Session agent for Process Lasso, xrefs: 00007FF61D38EDBA
                                                                                                                                                                                                                                          • ITaskService creation failure: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!, xrefs: 00007FF61D38EB75
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Variant$ClearInit$ConditionMask$AllocStringUninitialize$CreateHeapInfoInitializeInstanceProcessVerifyVersion
                                                                                                                                                                                                                                          • String ID: ITaskService creation failure: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!$ITaskService::Connect failed: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!$Session agent for Process Lasso
                                                                                                                                                                                                                                          • API String ID: 3355186796-1443162280
                                                                                                                                                                                                                                          • Opcode ID: e1305052fe15fae8ea5ed326aa437975a1e57b8d2df5fee7f28a91c5d7ba009c
                                                                                                                                                                                                                                          • Instruction ID: 1087d585e3936bed1b16d6779eb469b4ee7ec669de74c8b764cdd0f07b11685d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e1305052fe15fae8ea5ed326aa437975a1e57b8d2df5fee7f28a91c5d7ba009c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5DB19332A08F8686EB418F35D8401A9B3B1FF96B64F545236EA4D936A5FF3CE584C710
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0FC0 Relevance: 27.1, APIs: 12, Strings: 3, Instructions: 895filewindowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Create$CloseHandleVolume_invalid_parameter_noinfo$Concurrency::cancel_current_taskMessageMountNamePointReadSizeSleep_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                          • String ID: Process Lasso$Sanity check block$\
                                                                                                                                                                                                                                          • API String ID: 1352462829-2199912012
                                                                                                                                                                                                                                          • Opcode ID: c073078c91c926473789df5c14801068a89a0b9675c4fefa06db9688144bca86
                                                                                                                                                                                                                                          • Instruction ID: e7bdcd9ab0ef8c98516c4e0149c58908a7c090ad2a92f06b7c4243fd6b2e7931
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c073078c91c926473789df5c14801068a89a0b9675c4fefa06db9688144bca86
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BF823B72B09E8286EF649F25C4442A9A3A1FB42FB4F448335DA2DC76E5EF38E545C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38EE50 Relevance: 24.3, APIs: 16, Instructions: 279commemoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 3319 7ff61d38ee50-7ff61d38ee8c 3320 7ff61d38ee8e-7ff61d38eea5 call 7ff61d38aca0 * 2 3319->3320 3321 7ff61d38eeac-7ff61d38eeb3 3319->3321 3320->3321 3322 7ff61d38eeb9-7ff61d38eef4 CoInitializeEx CoCreateInstance 3321->3322 3323 7ff61d38f00c 3321->3323 3326 7ff61d38f006 CoUninitialize 3322->3326 3327 7ff61d38eefa-7ff61d38effa VariantInit * 4 VariantClear * 4 3322->3327 3328 7ff61d38f00e-7ff61d38f038 call 7ff61d3af660 3323->3328 3326->3323 3334 7ff61d38f039-7ff61d38f051 call 7ff61d3af39c 3327->3334 3335 7ff61d38effc-7ff61d38f000 3327->3335 3338 7ff61d38f082 3334->3338 3339 7ff61d38f053-7ff61d38f07a SysAllocString 3334->3339 3335->3326 3342 7ff61d38f085-7ff61d38f08c 3338->3342 3340 7ff61d38f080 3339->3340 3341 7ff61d38f268-7ff61d38f272 call 7ff61d3aff20 3339->3341 3340->3342 3343 7ff61d38f092-7ff61d38f0ba call 7ff61d38d790 3342->3343 3344 7ff61d38f25d-7ff61d38f267 call 7ff61d3aff20 3342->3344 3343->3326 3353 7ff61d38f0c0-7ff61d38f0e2 3343->3353 3344->3341 3353->3326 3356 7ff61d38f0e8-7ff61d38f108 3353->3356 3358 7ff61d38f113-7ff61d38f118 3356->3358 3359 7ff61d38f10a 3356->3359 3358->3359 3360 7ff61d38f11a 3358->3360 3359->3358 3361 7ff61d38f120-7ff61d38f16b VariantClear 3360->3361 3363 7ff61d38f20e-7ff61d38f214 3361->3363 3364 7ff61d38f171-7ff61d38f17c 3361->3364 3363->3361 3365 7ff61d38f21a 3363->3365 3366 7ff61d38f186-7ff61d38f188 3364->3366 3367 7ff61d38f223-7ff61d38f22a 3365->3367 3366->3363 3368 7ff61d38f18e-7ff61d38f1a2 3366->3368 3369 7ff61d38f232-7ff61d38f258 SysFreeString CoUninitialize 3367->3369 3370 7ff61d38f22c 3367->3370 3372 7ff61d38f204-7ff61d38f208 3368->3372 3373 7ff61d38f1a4-7ff61d38f1b2 call 7ff61d3b8dbc 3368->3373 3369->3328 3370->3369 3372->3363 3378 7ff61d38f1b4-7ff61d38f1f8 3373->3378 3379 7ff61d38f1fa-7ff61d38f1fe SysFreeString 3373->3379 3378->3367 3378->3379 3379->3372
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Variant$Clear$Init$ConditionMaskString$FreeUninitialize$AllocCreateInfoInitializeInstanceVerifyVersion
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2615741166-0
                                                                                                                                                                                                                                          • Opcode ID: 7543414c6a414dde470c92b0e065ff0f16086fa1c6509b926c165822b2481bcc
                                                                                                                                                                                                                                          • Instruction ID: b546c20e6c5ed4b5023ca759a7d9ce40bf15c8835864921460685c71259817c8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7543414c6a414dde470c92b0e065ff0f16086fa1c6509b926c165822b2481bcc
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 92D13C33A14F858AEB01CF75D8401ADB371FB86BA8F145236EA4D97A68EF39D585C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A8480 Relevance: 23.1, APIs: 5, Strings: 8, Instructions: 391COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 3381 7ff61d3a8480-7ff61d3a84b0 3382 7ff61d3a84b2-7ff61d3a84b4 3381->3382 3383 7ff61d3a84b9-7ff61d3a84c4 call 7ff61d3819d0 3381->3383 3384 7ff61d3a8699-7ff61d3a86bd call 7ff61d3af660 3382->3384 3389 7ff61d3a86c4-7ff61d3a86ce call 7ff61d381810 3383->3389 3390 7ff61d3a84ca-7ff61d3a84e3 3383->3390 3394 7ff61d3a86cf-7ff61d3a86d9 call 7ff61d381810 3389->3394 3395 7ff61d3a84e5-7ff61d3a84e8 3390->3395 3396 7ff61d3a8508-7ff61d3a8534 call 7ff61d3a7310 call 7ff61d3a7f40 3390->3396 3405 7ff61d3a86da-7ff61d3a8749 call 7ff61d381810 call 7ff61d3a8480 3394->3405 3399 7ff61d3a84f0-7ff61d3a84f9 3395->3399 3408 7ff61d3a860a 3396->3408 3409 7ff61d3a853a-7ff61d3a854e 3396->3409 3399->3399 3402 7ff61d3a84fb-7ff61d3a8503 call 7ff61d3826a0 3399->3402 3402->3396 3422 7ff61d3a8757-7ff61d3a8762 call 7ff61d3819d0 3405->3422 3423 7ff61d3a874b-7ff61d3a8752 3405->3423 3411 7ff61d3a860f-7ff61d3a8628 call 7ff61d3b8dbc 3408->3411 3409->3411 3412 7ff61d3a8554-7ff61d3a855f call 7ff61d3819d0 3409->3412 3420 7ff61d3a863a 3411->3420 3421 7ff61d3a862a-7ff61d3a8630 call 7ff61d3a9550 3411->3421 3412->3405 3424 7ff61d3a8565-7ff61d3a8589 call 7ff61d3a7e20 3412->3424 3428 7ff61d3a863d-7ff61d3a8640 3420->3428 3429 7ff61d3a8635-7ff61d3a8638 3421->3429 3435 7ff61d3a8768-7ff61d3a8788 call 7ff61d3a7e20 3422->3435 3436 7ff61d3a89f6-7ff61d3a8a00 call 7ff61d381810 3422->3436 3426 7ff61d3a89c3-7ff61d3a89ea call 7ff61d3af660 3423->3426 3446 7ff61d3a858e-7ff61d3a8595 3424->3446 3432 7ff61d3a8642-7ff61d3a8658 3428->3432 3433 7ff61d3a8678-7ff61d3a8689 3428->3433 3429->3428 3438 7ff61d3a866f-7ff61d3a8677 call 7ff61d3af360 3432->3438 3439 7ff61d3a865a-7ff61d3a866d 3432->3439 3440 7ff61d3a8695 3433->3440 3441 7ff61d3a868b-7ff61d3a868e 3433->3441 3462 7ff61d3a87b8-7ff61d3a87cf 3435->3462 3463 7ff61d3a878a-7ff61d3a87a6 3435->3463 3438->3433 3439->3438 3443 7ff61d3a86be-7ff61d3a86c3 call 7ff61d3ba31c 3439->3443 3440->3384 3441->3440 3443->3389 3451 7ff61d3a85b1-7ff61d3a85bf 3446->3451 3452 7ff61d3a8597-7ff61d3a859f 3446->3452 3455 7ff61d3a85c1-7ff61d3a85c4 3451->3455 3456 7ff61d3a85ca-7ff61d3a85d1 3451->3456 3452->3394 3453 7ff61d3a85a5-7ff61d3a85af call 7ff61d3b8dbc 3452->3453 3453->3451 3464 7ff61d3a85dd-7ff61d3a85f5 3453->3464 3455->3456 3456->3408 3459 7ff61d3a85d3-7ff61d3a85d8 3456->3459 3459->3412 3467 7ff61d3a87d1-7ff61d3a87d4 3462->3467 3468 7ff61d3a87da-7ff61d3a87e9 3462->3468 3465 7ff61d3a87b1-7ff61d3a87b3 3463->3465 3466 7ff61d3a87a8-7ff61d3a87ab 3463->3466 3471 7ff61d3a8600-7ff61d3a8608 3464->3471 3472 7ff61d3a85f7-7ff61d3a85fa 3464->3472 3465->3426 3466->3465 3467->3468 3469 7ff61d3a87ef-7ff61d3a8816 call 7ff61d3819d0 3468->3469 3470 7ff61d3a889d 3468->3470 3477 7ff61d3a881c-7ff61d3a8835 call 7ff61d3a7e20 3469->3477 3478 7ff61d3a89eb-7ff61d3a89f5 call 7ff61d381810 3469->3478 3474 7ff61d3a88a4 3470->3474 3471->3428 3472->3471 3476 7ff61d3a88a8-7ff61d3a88b3 3474->3476 3479 7ff61d3a88b5-7ff61d3a88c0 3476->3479 3480 7ff61d3a88c2-7ff61d3a88ca 3476->3480 3489 7ff61d3a883a-7ff61d3a8840 3477->3489 3478->3436 3479->3480 3481 7ff61d3a88da-7ff61d3a88e1 3479->3481 3484 7ff61d3a88d2-7ff61d3a88d4 3480->3484 3486 7ff61d3a89c1 3481->3486 3487 7ff61d3a88e7-7ff61d3a8982 call 7ff61d3a8a10 RegCreateKeyExW 3481->3487 3484->3481 3484->3486 3486->3426 3501 7ff61d3a8984-7ff61d3a89ad RegSetValueExW RegCloseKey 3487->3501 3502 7ff61d3a89b3-7ff61d3a89bf LocalFree 3487->3502 3491 7ff61d3a8842-7ff61d3a8846 3489->3491 3492 7ff61d3a887d-7ff61d3a8889 3489->3492 3491->3492 3493 7ff61d3a8848-7ff61d3a8854 3491->3493 3495 7ff61d3a8894-7ff61d3a889b 3492->3495 3496 7ff61d3a888b-7ff61d3a888e 3492->3496 3497 7ff61d3a885f-7ff61d3a887b 3493->3497 3498 7ff61d3a8856-7ff61d3a8859 3493->3498 3495->3474 3496->3495 3497->3476 3498->3497 3501->3502 3502->3426
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: Bitsum Highest Performance$CustomHighPerfGUID$GIa$GIa$Provides Bitsum optimized CPU performance.$Software\ProcessLasso$X$true
                                                                                                                                                                                                                                          • API String ID: 0-1380875779
                                                                                                                                                                                                                                          • Opcode ID: dae69f8cc02ddb109b54108c546232898ffefa308ef87178f9545af472cfeba8
                                                                                                                                                                                                                                          • Instruction ID: 75ffffa66094cba1caf836c721455622cfbf79548c0e6e2eb566a1d3dbaca886
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dae69f8cc02ddb109b54108c546232898ffefa308ef87178f9545af472cfeba8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0FF19B72B08E4186EF109F29D4442ADA3A0FB46FA8F448235DE9D977A9EF3CD585C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A1D90 Relevance: 21.5, APIs: 10, Strings: 2, Instructions: 468filesleepCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Write$Close$BuffersChangeCreateErrorFindFlushHandleLastNotificationSleep
                                                                                                                                                                                                                                          • String ID: %s=%s$[%s]
                                                                                                                                                                                                                                          • API String ID: 4003643591-2213662286
                                                                                                                                                                                                                                          • Opcode ID: 7ed33d33626725b272603dc8647059913001e7fa8b9eee5225b8481a9727e421
                                                                                                                                                                                                                                          • Instruction ID: fee701534379f3ae89f7e961542e94e07c18493e8cbbe93584a629efec3a0b31
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7ed33d33626725b272603dc8647059913001e7fa8b9eee5225b8481a9727e421
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C5128D76B04E5286EB149F69C4842BDA3A0FB46FA8B445635DE1ED77E4EF38D805C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A04C0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 139COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegOpenKeyExW.KERNELBASE ref: 00007FF61D3A0A55
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegQueryValueExW.KERNELBASE ref: 00007FF61D3A0A97
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegCloseKey.KERNELBASE ref: 00007FF61D3A0AA6
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegCloseKey.ADVAPI32 ref: 00007FF61D3A0ACF
                                                                                                                                                                                                                                          • SHGetSpecialFolderPathW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A05B6
                                                                                                                                                                                                                                          • SHGetSpecialFolderPathW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A05D8
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A0645
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A0658
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A06A2
                                                                                                                                                                                                                                          • MoveFileExW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,00007FF61D390FE8), ref: 00007FF61D3A06C0
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseCreateDirectoryFileFolderPathSpecial$AttributesHeapMoveOpenProcessQueryValue
                                                                                                                                                                                                                                          • String ID: ConfigPathMigrationComplete
                                                                                                                                                                                                                                          • API String ID: 3247522341-180962690
                                                                                                                                                                                                                                          • Opcode ID: 0b9d115ad645d37546e3b94a99fb0612be88ac89356269c980df046df0d030aa
                                                                                                                                                                                                                                          • Instruction ID: be2fa2c7e42323e4aa325b6bd21e0ff31d68af601caaf745223da1d63b2506d3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0b9d115ad645d37546e3b94a99fb0612be88ac89356269c980df046df0d030aa
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 22617172B28E8281EF649F24D4512A9A360FF92F64F819235D65DC32E9FF2CD544CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D381090 Relevance: 42.2, APIs: 2, Strings: 22, Instructions: 230libraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3CC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3D2
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _set_fmode.LIBCMT ref: 00007FF61D3AF3EF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _RTC_Initialize.LIBCMT ref: 00007FF61D3AF410
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3830F0: std::_Xinvalid_argument.LIBCPMT ref: 00007FF61D3830FB
                                                                                                                                                                                                                                          • LoadLibraryW.KERNELBASE ref: 00007FF61D38144D
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32 ref: 00007FF61D38148D
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Concurrency::cancel_current_task$HandleInitializeLibraryLoadModuleXinvalid_argument_set_fmodestd::_
                                                                                                                                                                                                                                          • String ID: Bulgarian$Chinese Simplified$Chinese Traditional$English$Error$Finnish$French$German$Italian$Japanese$Korean$Polish$Portuguese/Brazilian$ProcessLasso$ProcessLasso$Russian$SOFTWARE\%s$SOFTWARE\ProcessLasso$Slovenian$Spanish$Turkish$pl_rsrc_english.dll
                                                                                                                                                                                                                                          • API String ID: 4046792538-3671896296
                                                                                                                                                                                                                                          • Opcode ID: 8d78a6217ac2a9b96aac59b02afcfbc22bea8a8ba4b13e573d670f39a120e29d
                                                                                                                                                                                                                                          • Instruction ID: 400f4ac9286d2af72582763ba9b9dc4910f3fcef6ff0c15de75e55ddf68686e2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8d78a6217ac2a9b96aac59b02afcfbc22bea8a8ba4b13e573d670f39a120e29d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 90C15B72A09F4589E740CF11E8402A9B7B4FB4AB68F904235EA8C937A5FF7CD595C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3910F0 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 432COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 2534 7ff61d3910f0-7ff61d39110c 2535 7ff61d39110e CloseHandle 2534->2535 2536 7ff61d391114-7ff61d391120 2534->2536 2535->2536 2537 7ff61d39112f-7ff61d391139 2536->2537 2538 7ff61d391122-7ff61d391128 CloseHandle 2536->2538 2539 7ff61d39115b-7ff61d391164 CloseHandle 2537->2539 2540 7ff61d39113b-7ff61d391159 CreateEventW 2537->2540 2538->2537 2541 7ff61d39116b-7ff61d391175 2539->2541 2540->2539 2540->2541 2542 7ff61d391197-7ff61d3911a0 CloseHandle 2541->2542 2543 7ff61d391177-7ff61d391195 CreateEventW 2541->2543 2544 7ff61d3911a7-7ff61d3912d8 DeleteCriticalSection * 8 call 7ff61d3821b0 call 7ff61d3aed58 * 3 call 7ff61d3a41c0 call 7ff61d3821b0 call 7ff61d382e60 call 7ff61d3af360 call 7ff61d3a4330 call 7ff61d3a44a0 call 7ff61d3a4600 call 7ff61d3a4780 call 7ff61d3a4600 * 2 2542->2544 2543->2542 2543->2544 2573 7ff61d391327-7ff61d39136d call 7ff61d3821b0 * 5 2544->2573 2574 7ff61d3912da-7ff61d3912ef 2544->2574 2593 7ff61d39136f-7ff61d391384 2573->2593 2594 7ff61d3913bc-7ff61d3913f6 call 7ff61d3821b0 * 4 2573->2594 2575 7ff61d3912f1-7ff61d391304 2574->2575 2576 7ff61d39130d-7ff61d391320 call 7ff61d3af360 2574->2576 2578 7ff61d39187f-7ff61d391884 call 7ff61d3ba31c 2575->2578 2579 7ff61d39130a 2575->2579 2576->2573 2579->2576 2595 7ff61d3913a2-7ff61d3913b5 call 7ff61d3af360 2593->2595 2596 7ff61d391386-7ff61d391399 2593->2596 2608 7ff61d391445-7ff61d39144f 2594->2608 2609 7ff61d3913f8-7ff61d39140d 2594->2609 2595->2594 2596->2578 2599 7ff61d39139f 2596->2599 2599->2595 2612 7ff61d39149e-7ff61d3914b4 call 7ff61d3821b0 2608->2612 2613 7ff61d391451-7ff61d391466 2608->2613 2610 7ff61d39140f-7ff61d391422 2609->2610 2611 7ff61d39142b-7ff61d39143e call 7ff61d3af360 2609->2611 2610->2578 2615 7ff61d391428 2610->2615 2611->2608 2624 7ff61d391503-7ff61d391525 call 7ff61d3821b0 call 7ff61d3aed58 2612->2624 2625 7ff61d3914b6-7ff61d3914cb 2612->2625 2617 7ff61d391484-7ff61d391497 call 7ff61d3af360 2613->2617 2618 7ff61d391468-7ff61d39147b 2613->2618 2615->2611 2617->2612 2618->2578 2619 7ff61d391481 2618->2619 2619->2617 2635 7ff61d391574-7ff61d391634 call 7ff61d3821b0 call 7ff61d3a4950 call 7ff61d3821b0 * 3 call 7ff61d3a4fc0 call 7ff61d3af360 call 7ff61d3a4600 call 7ff61d382e60 call 7ff61d3af360 2624->2635 2636 7ff61d391527-7ff61d39153c 2624->2636 2626 7ff61d3914e9-7ff61d3914fc call 7ff61d3af360 2625->2626 2627 7ff61d3914cd-7ff61d3914e0 2625->2627 2626->2624 2627->2578 2629 7ff61d3914e6 2627->2629 2629->2626 2662 7ff61d39163f-7ff61d391654 2635->2662 2663 7ff61d391636-7ff61d391639 2635->2663 2637 7ff61d39153e-7ff61d391551 2636->2637 2638 7ff61d39155a-7ff61d39156d call 7ff61d3af360 2636->2638 2637->2578 2640 7ff61d391557 2637->2640 2638->2635 2640->2638 2664 7ff61d39165f-7ff61d391674 2662->2664 2665 7ff61d391656-7ff61d391659 2662->2665 2663->2662 2666 7ff61d39167f-7ff61d391694 2664->2666 2667 7ff61d391676-7ff61d391679 2664->2667 2665->2664 2668 7ff61d39169f-7ff61d3916b4 2666->2668 2669 7ff61d391696-7ff61d391699 2666->2669 2667->2666 2670 7ff61d3916bf-7ff61d3916d4 2668->2670 2671 7ff61d3916b6-7ff61d3916b9 2668->2671 2669->2668 2672 7ff61d3916df-7ff61d3916f4 2670->2672 2673 7ff61d3916d6-7ff61d3916d9 2670->2673 2671->2670 2674 7ff61d3916ff-7ff61d391714 2672->2674 2675 7ff61d3916f6-7ff61d3916f9 2672->2675 2673->2672 2676 7ff61d39171f-7ff61d391734 2674->2676 2677 7ff61d391716-7ff61d391719 2674->2677 2675->2674 2678 7ff61d39173f-7ff61d391760 call 7ff61d3821b0 2676->2678 2679 7ff61d391736-7ff61d391739 2676->2679 2677->2676 2682 7ff61d391762-7ff61d391765 2678->2682 2683 7ff61d39176b-7ff61d391780 2678->2683 2679->2678 2682->2683 2684 7ff61d391782-7ff61d391785 2683->2684 2685 7ff61d39178b-7ff61d3917a0 2683->2685 2684->2685 2686 7ff61d3917a2-7ff61d3917a5 2685->2686 2687 7ff61d3917ab-7ff61d3917c0 2685->2687 2686->2687 2688 7ff61d3917c2-7ff61d3917c5 2687->2688 2689 7ff61d3917cb-7ff61d3917e0 2687->2689 2688->2689 2690 7ff61d3917e2-7ff61d3917e5 2689->2690 2691 7ff61d3917eb-7ff61d391800 2689->2691 2690->2691 2692 7ff61d391802-7ff61d391805 2691->2692 2693 7ff61d39180b-7ff61d39181e 2691->2693 2692->2693 2694 7ff61d391820-7ff61d391823 2693->2694 2695 7ff61d391829-7ff61d391830 call 7ff61d3a7990 2693->2695 2694->2695 2697 7ff61d391835-7ff61d391879 call 7ff61d3adb70 call 7ff61d382e60 2695->2697 2697->2578
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CriticalDeleteSection$CloseHandle$CreateEvent_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                          • String ID: Lasso888_2${49da4c63-c475-4b6c-83f3-c78a9fe813c2}
                                                                                                                                                                                                                                          • API String ID: 269693988-458680584
                                                                                                                                                                                                                                          • Opcode ID: d9a75992d51944875cbbd88535950cbfb685a3025f692815123c38c46b7f320a
                                                                                                                                                                                                                                          • Instruction ID: 89a07f8ae28df68afaee676226bcfb00beba76f8436dff6f38280f68b4422677
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d9a75992d51944875cbbd88535950cbfb685a3025f692815123c38c46b7f320a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 57227372715E81A2EE0DDF38C9951ACA369FB41FA0F404236D72D976E1EF28E665C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38B900 Relevance: 28.1, APIs: 12, Strings: 4, Instructions: 92registrylibrarywindowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$Load$OpenString$HandleLibraryMessageModuleQueryValue
                                                                                                                                                                                                                                          • String ID: DeleteFlag$MM-dd-yyyy$Process Lasso$SYSTEM\CurrentControlSet\Services\ProcessGovernor
                                                                                                                                                                                                                                          • API String ID: 1433741596-4018146772
                                                                                                                                                                                                                                          • Opcode ID: 9b42faf6782116bd3138778068ad10dcdcaa50efe0978f6b17c3d5a1a285f758
                                                                                                                                                                                                                                          • Instruction ID: 9e3407e2fc6697b0b17a570f7e9d47595baaaeaf8970931e219938e1b4e9fd86
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9b42faf6782116bd3138778068ad10dcdcaa50efe0978f6b17c3d5a1a285f758
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 10413535A1CE8282EB609B52E45076AF3A4FF86FA4F844235D98D837A4EF7CD505DB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0C50 Relevance: 26.5, APIs: 9, Strings: 6, Instructions: 243COMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 3154 7ff61d3a0c50-7ff61d3a0c94 call 7ff61d3819d0 3157 7ff61d3a0e27-7ff61d3a0e5a call 7ff61d381810 3154->3157 3158 7ff61d3a0c9a-7ff61d3a0cd8 GetModuleHandleW GetModuleFileNameW 3154->3158 3168 7ff61d3a0e67-7ff61d3a0e73 call 7ff61d3a0c50 3157->3168 3169 7ff61d3a0e5c-7ff61d3a0e65 GetFileAttributesW 3157->3169 3162 7ff61d3a0cde-7ff61d3a0ce3 3158->3162 3163 7ff61d3a0d6b-7ff61d3a0d86 SHGetSpecialFolderPathW 3158->3163 3165 7ff61d3a0ce6-7ff61d3a0ced 3162->3165 3166 7ff61d3a0df8-7ff61d3a0e00 call 7ff61d382130 3163->3166 3167 7ff61d3a0d88-7ff61d3a0d8d 3163->3167 3165->3165 3171 7ff61d3a0cef-7ff61d3a0cf6 3165->3171 3187 7ff61d3a0e01-7ff61d3a0e26 call 7ff61d3af660 3166->3187 3173 7ff61d3a0d90-7ff61d3a0d98 3167->3173 3175 7ff61d3a0e78-7ff61d3a0e9c call 7ff61d383dc0 3168->3175 3169->3168 3174 7ff61d3a0ea7-7ff61d3a0eb2 3169->3174 3176 7ff61d3a0d13-7ff61d3a0d1b 3171->3176 3177 7ff61d3a0cf8-7ff61d3a0cfe 3171->3177 3173->3173 3181 7ff61d3a0d9a-7ff61d3a0dae call 7ff61d3826a0 3173->3181 3178 7ff61d3a0ebf-7ff61d3a0ecb call 7ff61d3a0c50 3174->3178 3179 7ff61d3a0eb4-7ff61d3a0ebd GetFileAttributesW 3174->3179 3175->3174 3200 7ff61d3a0e9e-7ff61d3a0ea1 3175->3200 3189 7ff61d3a0d20-7ff61d3a0d28 3176->3189 3183 7ff61d3a0d00-7ff61d3a0d08 3177->3183 3184 7ff61d3a0d0c-7ff61d3a0d0e 3177->3184 3194 7ff61d3a0ed0-7ff61d3a0ef4 call 7ff61d383dc0 3178->3194 3179->3178 3185 7ff61d3a0eff-7ff61d3a0f0a 3179->3185 3203 7ff61d3a0db1-7ff61d3a0db9 3181->3203 3183->3177 3193 7ff61d3a0d0a 3183->3193 3184->3176 3190 7ff61d3a0f17-7ff61d3a0f23 call 7ff61d3a0c50 3185->3190 3191 7ff61d3a0f0c-7ff61d3a0f15 GetFileAttributesW 3185->3191 3189->3189 3197 7ff61d3a0d2a-7ff61d3a0d3a call 7ff61d3826a0 3189->3197 3205 7ff61d3a0f28-7ff61d3a0f4c call 7ff61d383dc0 3190->3205 3191->3190 3198 7ff61d3a0f57-7ff61d3a0f62 3191->3198 3193->3176 3194->3185 3216 7ff61d3a0ef6-7ff61d3a0ef9 3194->3216 3211 7ff61d3a0d41 3197->3211 3212 7ff61d3a0d3c-7ff61d3a0d3f 3197->3212 3206 7ff61d3a0f6f-7ff61d3a0f7b call 7ff61d3a0c50 3198->3206 3207 7ff61d3a0f64-7ff61d3a0f6d GetFileAttributesW 3198->3207 3200->3174 3203->3203 3209 7ff61d3a0dbb-7ff61d3a0dc6 call 7ff61d382880 3203->3209 3205->3198 3226 7ff61d3a0f4e-7ff61d3a0f51 3205->3226 3221 7ff61d3a0f80-7ff61d3a0fa2 call 7ff61d383dc0 3206->3221 3207->3206 3214 7ff61d3a0fad-7ff61d3a0fb4 3207->3214 3223 7ff61d3a0dc8 3209->3223 3224 7ff61d3a0ddc-7ff61d3a0df6 call 7ff61d382880 GetFileAttributesW 3209->3224 3219 7ff61d3a0d44-7ff61d3a0d4c 3211->3219 3218 7ff61d3a0d4e-7ff61d3a0d65 call 7ff61d382880 GetFileAttributesW 3212->3218 3216->3185 3218->3163 3218->3187 3219->3218 3219->3219 3221->3214 3234 7ff61d3a0fa4-7ff61d3a0fa7 3221->3234 3228 7ff61d3a0dd0-7ff61d3a0dd7 3223->3228 3224->3166 3224->3187 3226->3198 3228->3228 3232 7ff61d3a0dd9 3228->3232 3232->3224 3234->3214
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Attributes$Module$FolderHandleHeapNamePathProcessSpecial
                                                                                                                                                                                                                                          • String ID: \$\Windows Feed Discovered.wav$\Windows Pop-up Blocked.wav$\lower.wav$\media$\raise.wav
                                                                                                                                                                                                                                          • API String ID: 3181057009-3458111692
                                                                                                                                                                                                                                          • Opcode ID: 77b663d351fa4a68209a6182e155d086dc971dcae0c495efcf6aee8fc321258f
                                                                                                                                                                                                                                          • Instruction ID: a896f69f7b376f55f9b4daf1592098dc84cd0b7713775e3b562d30e05c2349e2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 77b663d351fa4a68209a6182e155d086dc971dcae0c495efcf6aee8fc321258f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 60A17E72B19E5281EE509B29D4446B9E360FF42FB4F405235EA6EC36E9EF2CE845C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38CD20 Relevance: 26.5, APIs: 9, Strings: 6, Instructions: 241fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 3235 7ff61d38cd20-7ff61d38cd75 SHGetSpecialFolderPathW 3236 7ff61d38cd77-7ff61d38cda8 CreateDirectoryW call 7ff61d3bafb4 CreateDirectoryW 3235->3236 3237 7ff61d38cdaa-7ff61d38cdc8 GetModuleHandleW GetModuleFileNameW 3235->3237 3239 7ff61d38ce02-7ff61d38ce0d call 7ff61d3819d0 3236->3239 3237->3239 3240 7ff61d38cdca-7ff61d38cdcf 3237->3240 3246 7ff61d38ce13-7ff61d38ce32 3239->3246 3247 7ff61d38d0b5-7ff61d38d0bf call 7ff61d381810 3239->3247 3243 7ff61d38cdd2-7ff61d38cdda 3240->3243 3243->3243 3245 7ff61d38cddc-7ff61d38cde3 3243->3245 3245->3239 3248 7ff61d38cde5-7ff61d38cdeb 3245->3248 3255 7ff61d38ce43-7ff61d38ce46 3246->3255 3256 7ff61d38ce34-7ff61d38ce41 call 7ff61d3823c0 3246->3256 3250 7ff61d38cdf9-7ff61d38cdfd 3248->3250 3251 7ff61d38cded-7ff61d38cdf5 3248->3251 3250->3239 3251->3248 3254 7ff61d38cdf7 3251->3254 3254->3239 3258 7ff61d38ce50-7ff61d38ce59 3255->3258 3261 7ff61d38ce6b-7ff61d38ce8f call 7ff61d382540 3256->3261 3258->3258 3260 7ff61d38ce5b-7ff61d38ce6a call 7ff61d3826a0 3258->3260 3260->3261 3266 7ff61d38ce90-7ff61d38ce99 3261->3266 3266->3266 3267 7ff61d38ce9b-7ff61d38ceba call 7ff61d382880 DeleteFileW 3266->3267 3270 7ff61d38cf0f-7ff61d38cf19 3267->3270 3271 7ff61d38cebc-7ff61d38cec0 3267->3271 3272 7ff61d38cf20-7ff61d38cf29 3270->3272 3273 7ff61d38cefe-7ff61d38cf0a call 7ff61d3826a0 3271->3273 3274 7ff61d38cec2-7ff61d38cec8 3271->3274 3272->3272 3275 7ff61d38cf2b-7ff61d38cf4a call 7ff61d382880 DeleteFileW 3272->3275 3273->3270 3274->3273 3276 7ff61d38ceca-7ff61d38cedf call 7ff61d382540 3274->3276 3282 7ff61d38cf9f-7ff61d38cfa9 3275->3282 3283 7ff61d38cf4c-7ff61d38cf50 3275->3283 3284 7ff61d38ceee-7ff61d38cefc 3276->3284 3285 7ff61d38cee1-7ff61d38cee7 3276->3285 3288 7ff61d38cfb0-7ff61d38cfb9 3282->3288 3286 7ff61d38cf8e-7ff61d38cf9a call 7ff61d3826a0 3283->3286 3287 7ff61d38cf52-7ff61d38cf58 3283->3287 3284->3270 3285->3284 3286->3282 3287->3286 3290 7ff61d38cf5a-7ff61d38cf6f call 7ff61d382540 3287->3290 3288->3288 3289 7ff61d38cfbb-7ff61d38cfda call 7ff61d382880 DeleteFileW 3288->3289 3296 7ff61d38d02a-7ff61d38d031 3289->3296 3297 7ff61d38cfdc-7ff61d38cfe0 3289->3297 3298 7ff61d38cf7e-7ff61d38cf8c 3290->3298 3299 7ff61d38cf71-7ff61d38cf77 3290->3299 3302 7ff61d38d034-7ff61d38d03d 3296->3302 3300 7ff61d38cfe2-7ff61d38cfe8 3297->3300 3301 7ff61d38d019-7ff61d38d025 call 7ff61d3826a0 3297->3301 3298->3282 3299->3298 3300->3301 3303 7ff61d38cfea-7ff61d38cfff call 7ff61d382540 3300->3303 3301->3296 3302->3302 3305 7ff61d38d03f-7ff61d38d066 call 7ff61d382880 DeleteFileW 3302->3305 3312 7ff61d38d00e-7ff61d38d017 3303->3312 3313 7ff61d38d001-7ff61d38d007 3303->3313 3310 7ff61d38d072-7ff61d38d07b 3305->3310 3311 7ff61d38d068-7ff61d38d071 3305->3311 3314 7ff61d38d089-7ff61d38d0b4 call 7ff61d3af660 3310->3314 3315 7ff61d38d07d-7ff61d38d083 3310->3315 3311->3310 3312->3296 3313->3312 3315->3314
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$Delete$CreateDirectoryModule$FolderHandleNamePathSpecial_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: \$\ProcessLasso$\pl4sfx.exe$\pl4sfx_server.exe$\pl_debug.log$\pl_rsrc_temp.dll
                                                                                                                                                                                                                                          • API String ID: 2249168596-2889885024
                                                                                                                                                                                                                                          • Opcode ID: 78b3e4764fa7736b68dcde745cbd77655ef8b8e75295fc6b8e2e35abac2d87a7
                                                                                                                                                                                                                                          • Instruction ID: 056207259949084fe03c8dde2d8cd9e1b1002e61ca0d4c5cb84c8e6dc67c4190
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 78b3e4764fa7736b68dcde745cbd77655ef8b8e75295fc6b8e2e35abac2d87a7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FAB19F76A18F4282EB24DB15E4442A9A3A0FB46FA4F444331DA5EC37E8EF3CE545D780
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D384D30 Relevance: 23.1, APIs: 10, Strings: 3, Instructions: 305libraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 3503 7ff61d384d30-7ff61d384d55 GetUserDefaultUILanguage 3504 7ff61d384d57-7ff61d384d60 3503->3504 3505 7ff61d384d7f-7ff61d384d88 call 7ff61d38adb0 3503->3505 3506 7ff61d384d64-7ff61d384d6c 3504->3506 3512 7ff61d384d8a-7ff61d384d90 call 7ff61d38b050 3505->3512 3513 7ff61d384d95-7ff61d384da0 3505->3513 3508 7ff61d384da5-7ff61d384db6 3506->3508 3509 7ff61d384d6e-7ff61d384d7d 3506->3509 3511 7ff61d384dc0-7ff61d384ddd 3508->3511 3509->3505 3509->3506 3515 7ff61d384de5-7ff61d384df0 call 7ff61d3819d0 3511->3515 3516 7ff61d384ddf 3511->3516 3512->3513 3513->3511 3519 7ff61d384df6-7ff61d384e27 call 7ff61d382130 3515->3519 3520 7ff61d3851c1-7ff61d3851cb call 7ff61d381810 3515->3520 3516->3515 3526 7ff61d384e49-7ff61d384e56 3519->3526 3527 7ff61d384e29-7ff61d384e2c 3519->3527 3528 7ff61d384e8d 3526->3528 3529 7ff61d384e58-7ff61d384e5b 3526->3529 3530 7ff61d384e30-7ff61d384e34 3527->3530 3532 7ff61d384e90-7ff61d384e99 3528->3532 3531 7ff61d384e9b-7ff61d384eb3 call 7ff61d3826a0 call 7ff61d3819d0 3529->3531 3530->3526 3533 7ff61d384e36-7ff61d384e38 3530->3533 3544 7ff61d384eb9-7ff61d384ee5 3531->3544 3545 7ff61d3851b6-7ff61d3851c0 call 7ff61d381810 3531->3545 3532->3531 3532->3532 3534 7ff61d384e5d-7ff61d384e6e 3533->3534 3535 7ff61d384e3a-7ff61d384e47 3533->3535 3537 7ff61d384e75-7ff61d384e78 3534->3537 3538 7ff61d384e70-7ff61d384e73 3534->3538 3535->3526 3535->3530 3540 7ff61d384e80-7ff61d384e89 3537->3540 3538->3531 3540->3540 3542 7ff61d384e8b 3540->3542 3542->3531 3549 7ff61d384f4b-7ff61d384f7b call 7ff61d3cd4a0 GetModuleHandleW GetModuleFileNameW 3544->3549 3550 7ff61d384ee7-7ff61d384eec 3544->3550 3545->3520 3558 7ff61d384f7d-7ff61d384f82 3549->3558 3559 7ff61d384fb3-7ff61d384fba 3549->3559 3551 7ff61d384f38-7ff61d384f46 call 7ff61d3826a0 3550->3551 3552 7ff61d384eee-7ff61d384ef4 3550->3552 3551->3549 3552->3551 3554 7ff61d384ef6-7ff61d384f0c call 7ff61d382540 3552->3554 3565 7ff61d384f1b-7ff61d384f36 3554->3565 3566 7ff61d384f0e-7ff61d384f14 3554->3566 3560 7ff61d384f85-7ff61d384f8d 3558->3560 3562 7ff61d384fbc-7ff61d384fc6 3559->3562 3563 7ff61d384fe7-7ff61d384ffa LoadLibraryW 3559->3563 3560->3560 3564 7ff61d384f8f-7ff61d384f96 3560->3564 3567 7ff61d384fcd 3562->3567 3568 7ff61d384fc8-7ff61d384fcb 3562->3568 3569 7ff61d385132-7ff61d38514f call 7ff61d3af368 call 7ff61d3b9f0c 3563->3569 3570 7ff61d385000-7ff61d38500a 3563->3570 3564->3559 3571 7ff61d384f98-7ff61d384f9e 3564->3571 3565->3549 3566->3565 3574 7ff61d384fd0-7ff61d384fd9 3567->3574 3573 7ff61d384fdb-7ff61d384fe2 call 7ff61d3826a0 3568->3573 3590 7ff61d385152-7ff61d38515c 3569->3590 3575 7ff61d38500c-7ff61d38500f 3570->3575 3576 7ff61d385011 3570->3576 3579 7ff61d384fac-7ff61d384fae 3571->3579 3580 7ff61d384fa0-7ff61d384fa8 3571->3580 3573->3563 3574->3573 3574->3574 3577 7ff61d38501f-7ff61d38504e call 7ff61d3826a0 GetModuleHandleW GetModuleFileNameW 3575->3577 3578 7ff61d385014-7ff61d38501d 3576->3578 3588 7ff61d3850c0-7ff61d3850d5 LoadLibraryW 3577->3588 3589 7ff61d385050-7ff61d385058 3577->3589 3578->3577 3578->3578 3579->3559 3580->3571 3584 7ff61d384faa 3580->3584 3584->3559 3591 7ff61d3850db-7ff61d38512b call 7ff61d381ff0 call 7ff61d3820e0 LoadLibraryW MessageBoxW ExitProcess 3588->3591 3592 7ff61d38516e-7ff61d38517c 3588->3592 3593 7ff61d385060-7ff61d385068 3589->3593 3590->3590 3594 7ff61d38515e-7ff61d38516d call 7ff61d3826a0 3590->3594 3595 7ff61d385188-7ff61d385191 3592->3595 3596 7ff61d38517e-7ff61d385187 3592->3596 3593->3593 3598 7ff61d38506a-7ff61d385071 3593->3598 3594->3592 3601 7ff61d385193-7ff61d385199 3595->3601 3602 7ff61d38519f-7ff61d3851b5 3595->3602 3596->3595 3603 7ff61d385073-7ff61d385079 3598->3603 3604 7ff61d38508e-7ff61d3850bb call 7ff61d3ba91c * 2 3598->3604 3601->3602 3608 7ff61d38507b-7ff61d385083 3603->3608 3609 7ff61d385087-7ff61d385089 3603->3609 3604->3588 3608->3603 3612 7ff61d385085 3608->3612 3609->3604 3612->3604
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Module$FileHandleLibraryLoadName$DefaultLanguageUser
                                                                                                                                                                                                                                          • String ID: Process Lasso$There was an error loading the resource DLL pl_rsrc_english.dll!$\
                                                                                                                                                                                                                                          • API String ID: 620991952-3674810238
                                                                                                                                                                                                                                          • Opcode ID: 550da09db981b9f812f99aee2807b5fc9d2a7f4d65765dec5dfa5057589f9220
                                                                                                                                                                                                                                          • Instruction ID: 074215167ed07ee89af33edb7c4d557b9988f872631e760382141db6008736fc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 550da09db981b9f812f99aee2807b5fc9d2a7f4d65765dec5dfa5057589f9220
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 03D18A72A08E4682EA649B16D850278A3A1FF56FB4F444239CA4EC37E5FF3CE845D740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38F640 Relevance: 21.2, APIs: 6, Strings: 6, Instructions: 217registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Module$CloseEnvironmentFileHandleNameOpenQueryValueVariable
                                                                                                                                                                                                                                          • String ID: %s\$;\;$PATH$Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment$\
                                                                                                                                                                                                                                          • API String ID: 290741229-1266157770
                                                                                                                                                                                                                                          • Opcode ID: d97ad7a33c76b0473bf2fed685aea7423c2901101eb367efe1073d35f21ad741
                                                                                                                                                                                                                                          • Instruction ID: d2ae49bd330745daedb002f8f13ddce778e55d7a12a9b8c6200e26ea87eaae19
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d97ad7a33c76b0473bf2fed685aea7423c2901101eb367efe1073d35f21ad741
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 54A18632A18E4196EB10DB15D8401A9A360FF85FA4F805232EB8ED77A9EF7CD545CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3ADC20 Relevance: 17.9, APIs: 8, Strings: 2, Instructions: 434COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Processor$ActiveCount$InformationLogical$ErrorGroupLast
                                                                                                                                                                                                                                          • String ID: 12th$intel
                                                                                                                                                                                                                                          • API String ID: 1211918145-682579197
                                                                                                                                                                                                                                          • Opcode ID: 2944eaa3f7da5381586b981c499c7247fc2e12d1ed612a6751e73115f9994104
                                                                                                                                                                                                                                          • Instruction ID: 23095a8d4ca0e1a7e100419564a4239ef0f47265e254b0d30360128741585b29
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2944eaa3f7da5381586b981c499c7247fc2e12d1ed612a6751e73115f9994104
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8A12B032B04B828AEB90DF25E4486ADB7A5FB06FA4F054639DA5DD37A5EF38D450C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38F280 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 239registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Module$CloseFileHandleNameOpenQueryValue
                                                                                                                                                                                                                                          • String ID: %s;%s\;$Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment$\
                                                                                                                                                                                                                                          • API String ID: 744634649-978422326
                                                                                                                                                                                                                                          • Opcode ID: 58b12130117aaec3d10cda6b39aed45e889c86873cf67f50f0d8a6d010f47532
                                                                                                                                                                                                                                          • Instruction ID: cb1eaaac263374dca3c3ee17b0bb7140f6bdf7d67831b7ff949bf1de22b520f7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 58b12130117aaec3d10cda6b39aed45e889c86873cf67f50f0d8a6d010f47532
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6DB17332A18E4586EB10DF25D4441ADA3A0FB85FA4F404236EB4EC77A9EF7CE545CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D385FD0 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 145COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3CC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3D2
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _set_fmode.LIBCMT ref: 00007FF61D3AF3EF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AF39C: _RTC_Initialize.LIBCMT ref: 00007FF61D3AF410
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32 ref: 00007FF61D386192
                                                                                                                                                                                                                                          • CreateEventW.KERNEL32 ref: 00007FF61D3861A9
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Concurrency::cancel_current_taskCreateEvent$HeapInitializeProcess_set_fmode
                                                                                                                                                                                                                                          • String ID: %s\%s$%s\%s.%u$.csv$MaxLogFileSize$ProcessLasso$ProcessLasso\logs$prolasso.log
                                                                                                                                                                                                                                          • API String ID: 3915736307-2144866617
                                                                                                                                                                                                                                          • Opcode ID: 8c556b37f798e722e465decbccc7d696a6e10d0187703f18308c913ea50f388e
                                                                                                                                                                                                                                          • Instruction ID: 5469cd99ed551a0cadfee6ab01fceb5caca6cf254cbb4bff0c40c0ea389ac0a7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8c556b37f798e722e465decbccc7d696a6e10d0187703f18308c913ea50f388e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6F516C32A10F4186E700DF64E8816DD77B4FB45FA8F504226EB5D93AA5EF38E096C380
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A9550 Relevance: 14.2, APIs: 6, Strings: 2, Instructions: 162registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$EnumFromHeapInfoOpenProcessQueryStringUuid_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: Bitsum Highest Performance$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes
                                                                                                                                                                                                                                          • API String ID: 3830437141-3067282819
                                                                                                                                                                                                                                          • Opcode ID: 28a01bf15a15edeb6da9d6a6b574bb8259462787c66a3b6aface81c5c0635cfb
                                                                                                                                                                                                                                          • Instruction ID: 47ee3fa9d954141bcece02aa39f42c4a9a6771494aec6e2051413836af117ae5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 28a01bf15a15edeb6da9d6a6b574bb8259462787c66a3b6aface81c5c0635cfb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 87715036B04F4186EB109F65E8401AEB3B4FB85BA8F904136DE8D97B68EF38D545CB50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0E40 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 99COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesFile
                                                                                                                                                                                                                                          • String ID: \Windows Feed Discovered.wav$\Windows Pop-up Blocked.wav$\lower.wav$\raise.wav
                                                                                                                                                                                                                                          • API String ID: 3188754299-1290990748
                                                                                                                                                                                                                                          • Opcode ID: b71626654154c43105409bd89df3f9a0b97a097cc16e70a3d71aebdcc5917d84
                                                                                                                                                                                                                                          • Instruction ID: 60f1231a3904ca730a4358f41ec066fe1190df29b07f668e4d10c437bbdb98b9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b71626654154c43105409bd89df3f9a0b97a097cc16e70a3d71aebdcc5917d84
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F9411C72A19E5282EA409B29D8446A9E361FF42FB4F505332E67DD36F8EF2CD845C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A92B0 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 71registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseOpenValue$Query$Delete
                                                                                                                                                                                                                                          • String ID: BHPUninstalled$Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 185538076-1903073231
                                                                                                                                                                                                                                          • Opcode ID: 6a6098c0efc06320a18d9be439d80425e13c2985bf9753dce6a32a56d1ba019e
                                                                                                                                                                                                                                          • Instruction ID: 3af30151f5a7cb2961913a44dd0156e483d6893fd95308b6fb212a4eb442bd6d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6a6098c0efc06320a18d9be439d80425e13c2985bf9753dce6a32a56d1ba019e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 14313035B18E4281EF509B25E45576AE360FF86FA4F801131E98D877B9EF6CD545CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A7A70 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 253COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FromString
                                                                                                                                                                                                                                          • String ID: FriendlyName$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\%s
                                                                                                                                                                                                                                          • API String ID: 1694596556-2577785381
                                                                                                                                                                                                                                          • Opcode ID: 10b6e2ef6e3d722c706e85f8d86fae62185275aceee451de19d27f254f72e1ab
                                                                                                                                                                                                                                          • Instruction ID: fdf9e6cf2470c62b69546d73fee3d9e957d8e5748dcc059658955f37fd933455
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 10b6e2ef6e3d722c706e85f8d86fae62185275aceee451de19d27f254f72e1ab
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 28B1B472F09E4282EF118F25D4442BDA360FB82FA4F455235EA4EC36A9EF7CD9858740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38D560 Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 159registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                          • SHDeleteKeyW.SHLWAPI ref: 00007FF61D38D70E
                                                                                                                                                                                                                                          • RegDeleteKeyW.ADVAPI32 ref: 00007FF61D38D71E
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3823C0: FindResourceExW.KERNEL32(?,00000000,?,00007FF61D382D6F,?,?,?,?,?,?,?,?,ProcessLasso,?,?,00007FF61D3829BD), ref: 00007FF61D38241D
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Delete$FindHeapProcessResource
                                                                                                                                                                                                                                          • String ID: ala$bitsum$lasso$park$pec
                                                                                                                                                                                                                                          • API String ID: 2862931263-204472767
                                                                                                                                                                                                                                          • Opcode ID: 1100b9b5aba720c1ba3579cd83305bb78e4971ea2b85585b25ff0d853ad96afb
                                                                                                                                                                                                                                          • Instruction ID: 853a267dc454e8c643ae7ff44b8962ede1a09e7bf4ef9099857830c2e136eaf1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1100b9b5aba720c1ba3579cd83305bb78e4971ea2b85585b25ff0d853ad96afb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0F519031F09E0285FE209F29A848278A390AF46FB8F445735EE5EC22D5FF7CE5419600
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D391890 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 122registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$CreateQueryValue
                                                                                                                                                                                                                                          • String ID: Bitsum Highest Performance$Software\ProcessLasso$ThemeLocked
                                                                                                                                                                                                                                          • API String ID: 2495337196-2025526020
                                                                                                                                                                                                                                          • Opcode ID: 762cb4467527ac076bed4e76552b1d7991b81e681caa26244bdbc2257cce830a
                                                                                                                                                                                                                                          • Instruction ID: 6a7ab185853fa0834cf69d0152cd199d9c62603fe0dadd9ad68c481bc387e23a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 762cb4467527ac076bed4e76552b1d7991b81e681caa26244bdbc2257cce830a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8381187391CA8286F7008B16E844365FBA0AF53B68F444138D48C866E6EFFDB949CB41
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38CAE0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 70processCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: HandleModule$CloseCreateFileInfoNameProcessStartup
                                                                                                                                                                                                                                          • String ID: /postupdate$\
                                                                                                                                                                                                                                          • API String ID: 2007878149-3400927517
                                                                                                                                                                                                                                          • Opcode ID: acdcc1493d407bc9ddd1c21ce5f64411d2e49589940068ad58a85a0de1f40c77
                                                                                                                                                                                                                                          • Instruction ID: 241398073ff8ff0f271b6b59f7b9a8d578ff4b19ce17480892c6610eda251a43
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: acdcc1493d407bc9ddd1c21ce5f64411d2e49589940068ad58a85a0de1f40c77
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 83312531A08E8285EB65CB15F45477AA3A0FF85FA4F804735DA9EC37A4EF6CD0548B40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38CC10 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 50registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$CreateQueryValue
                                                                                                                                                                                                                                          • String ID: DateTimeFormat$MM-dd-yyyy$Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 2495337196-3896722804
                                                                                                                                                                                                                                          • Opcode ID: dac23d7710b43643c46ea94741b4b4f22414e76973ce227e903988545bf201e7
                                                                                                                                                                                                                                          • Instruction ID: 3c97b2ccca667d11fbf1e277c52d87f5a043f2876870369290d9859ac0038ec5
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dac23d7710b43643c46ea94741b4b4f22414e76973ce227e903988545bf201e7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 70115472A08F4186EB509F61F44566AF3A0FB89BA4F900135EA8D87768EF7CD154CF40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D383380 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 179COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseOpen$AttributesCreateDirectoryFileFolderPathQuerySpecialValue
                                                                                                                                                                                                                                          • String ID: ProcessLasso$\$logs
                                                                                                                                                                                                                                          • API String ID: 162408085-3506783238
                                                                                                                                                                                                                                          • Opcode ID: d0ed6edbdaac2d717ae928d371bc1e1e6f56b52ba54117df315a8ed4d1e15dcd
                                                                                                                                                                                                                                          • Instruction ID: 32fc84269ae6e04699e1487c898be1c910c5383571da519e3df387bf1015712e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d0ed6edbdaac2d717ae928d371bc1e1e6f56b52ba54117df315a8ed4d1e15dcd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A8717936B09E4586EB108F19D5442BDB3A0FB86FA0F518235CB2DD37A0EF78E5659780
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3997B9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 102sleepCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesCriticalFileLeaveSection$Sleep
                                                                                                                                                                                                                                          • String ID: P$P
                                                                                                                                                                                                                                          • API String ID: 687206237-159270896
                                                                                                                                                                                                                                          • Opcode ID: 3d816aea9a44f97c3a9930017866bcdb3ef58c72e8d9bb76ac71f5cd85016f96
                                                                                                                                                                                                                                          • Instruction ID: 8aa442c7bc322a409f3c6f90d8579ff7fda8b8ce58fcad3d77345850314a8013
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3d816aea9a44f97c3a9930017866bcdb3ef58c72e8d9bb76ac71f5cd85016f96
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 37412C32A09D0291FB04EB61D8911FEA761AF93BA4F804132D50ED25E6FE6DE94AD340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0A10 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 53registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                                          • String ID: ConfigFolderEx$Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 1607946009-3700276278
                                                                                                                                                                                                                                          • Opcode ID: dd4d329e150c2bbdf23ca9c6655eae807221e377a229846a1f7ea83e781a76bf
                                                                                                                                                                                                                                          • Instruction ID: 99e4fd49ef8bbbb767ebdc460787c5a365b5cb31f875fba7f357f88ce1dafc6c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dd4d329e150c2bbdf23ca9c6655eae807221e377a229846a1f7ea83e781a76bf
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 20213635A18F4286EB509B11E45076AE3A0FB86BA4F405235EA9E837A8FF7CD104CF40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38D470 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 53registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$CreateValue
                                                                                                                                                                                                                                          • String ID: Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment
                                                                                                                                                                                                                                          • API String ID: 1009429713-2840421589
                                                                                                                                                                                                                                          • Opcode ID: 0483e505f6818b499a54957270b51c7d9d649ba202cc49d0b36e737236a34727
                                                                                                                                                                                                                                          • Instruction ID: 3af851122af39c5b2032c809728c5dbf2fed133a101d5ef561ef8f9ce2ad1810
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0483e505f6818b499a54957270b51c7d9d649ba202cc49d0b36e737236a34727
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D1214472A08E4586EB509F25F44576AB3A0FB89B74F804231DAAD877A4EF7CD144CF00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D392420 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 44registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                                          • String ID: Software\ProcessLasso$UseFileSystemLocks
                                                                                                                                                                                                                                          • API String ID: 1607946009-1555210630
                                                                                                                                                                                                                                          • Opcode ID: 3c708219f874bad3b1131f6e70ab39e0a7c3b8df963d61fd81d607f87331c5a6
                                                                                                                                                                                                                                          • Instruction ID: f42c2d21d687753e95bb710e6afe4f3496cd5131039a8ab6e4aeca36a3300442
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3c708219f874bad3b1131f6e70ab39e0a7c3b8df963d61fd81d607f87331c5a6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D1111276A18E4186EB509F11E45576AB7A4FB86BA4FC01135FA8E47768EF3DD104CF00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A3050 Relevance: 9.1, APIs: 6, Instructions: 126fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$CloseCreateHandleSize
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1378416451-0
                                                                                                                                                                                                                                          • Opcode ID: 42f3bfffe2505105cf619b2a354811e9bdf68baf2481a94afb9782404ae184d2
                                                                                                                                                                                                                                          • Instruction ID: cb283a5c53f36a88282878a7a8033956db3d41f321ca7edd13affadf53bf3484
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 42f3bfffe2505105cf619b2a354811e9bdf68baf2481a94afb9782404ae184d2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8E515C35A1CE4296EA50EB51E5442B9A361FB87FB0F804231DA4ED27A5EF7CD54ACB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0100 Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 260COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AED70: GetCurrentThreadId.KERNEL32 ref: 00007FF61D3AEDC1
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AED70: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00007FF61D3A013E), ref: 00007FF61D3AEDE0
                                                                                                                                                                                                                                          • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF61D3A0483
                                                                                                                                                                                                                                          • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF61D3A0498
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A3050: CreateFileW.KERNELBASE ref: 00007FF61D3A30C1
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3B8DBC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3B8DD9
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Cpp_errorThrow_std::_$AcquireCreateCurrentExclusiveFileHeapLockProcessThread_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: %s\%s$%s\%s\%s$prolasso.ini
                                                                                                                                                                                                                                          • API String ID: 4090743962-3231434878
                                                                                                                                                                                                                                          • Opcode ID: 6a3ad8550472f72a6c9d596b9efce0132157238046bf45cf864a5a8255640702
                                                                                                                                                                                                                                          • Instruction ID: 7c5c424150f174d85d2dee55caa8e69f4248cc118b41ada6f27a9eab0f36178a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6a3ad8550472f72a6c9d596b9efce0132157238046bf45cf864a5a8255640702
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 69B16C32B19E5282EE509B25D4442A9E3A0FF46FB4F444236EA5DC76E9EF6CE940C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A9870 Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 234COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(?,00007FF61D3880CA), ref: 00007FF61D3A98EB
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(?,00007FF61D3880CA), ref: 00007FF61D3A98FE
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,00007FF61D3880CA), ref: 00007FF61D3A9A20
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileModule$AttributesHandleHeapNameProcess
                                                                                                                                                                                                                                          • String ID: Session agent for Process Lasso$bitsumsessionagent.exe
                                                                                                                                                                                                                                          • API String ID: 782857251-204507972
                                                                                                                                                                                                                                          • Opcode ID: 0daa2f3b1a7f9f69b3ee4e0845e2f88ec1f996c726d809277776c04c15c33ec4
                                                                                                                                                                                                                                          • Instruction ID: 4e72cd2b548b4319048002537777620cfb5875ba3e7b04aa75756433ae2b0d86
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0daa2f3b1a7f9f69b3ee4e0845e2f88ec1f996c726d809277776c04c15c33ec4
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FC91B336B08E4286EB148B15D4502BDA3A0FB96FA4F404235DB4DD37A9EF7CE585C350
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AE280 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 69registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                                          • String ID: HARDWARE\DESCRIPTION\System\CentralProcessor\0$ProcessorNameString
                                                                                                                                                                                                                                          • API String ID: 3677997916-2804670039
                                                                                                                                                                                                                                          • Opcode ID: 94fa898606b13fb25a0559179ff60fc255f1baa6bc51421a8027be4f44579a87
                                                                                                                                                                                                                                          • Instruction ID: 9d3c7f29b8311c636426857b5cced695c88c812e0aede9bcb6979f45b9c502bb
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 94fa898606b13fb25a0559179ff60fc255f1baa6bc51421a8027be4f44579a87
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C2316D32718F4586EB509B15E4443AAF361FB86BA4F805231EA5D837E9EF7CD505CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D386F00 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 53registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CreateInitializeOpen
                                                                                                                                                                                                                                          • String ID: Software\ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 3581242030-2192838026
                                                                                                                                                                                                                                          • Opcode ID: 9738b1ead2fb6b6d730a0977f81f96b0554574610a2210f1915a5e22279d7cad
                                                                                                                                                                                                                                          • Instruction ID: 47a76e916e371b20c552e444f96921ba62e8dfe66aa742ef199194b421cc00a3
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9738b1ead2fb6b6d730a0977f81f96b0554574610a2210f1915a5e22279d7cad
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2821CDB2B18E8146F7609B71D8406A9B796FF45774F844235E94DC2A95EF3CD544CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D389A30 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseCreateDeleteValue
                                                                                                                                                                                                                                          • String ID: AddedToSystemPath$UpdateIsNowAvailable
                                                                                                                                                                                                                                          • API String ID: 1363933034-2291694170
                                                                                                                                                                                                                                          • Opcode ID: ab66018f10c2c9ba657f0c5eb1203d95fef8b9714fc67dfc60b8f4368005a0a7
                                                                                                                                                                                                                                          • Instruction ID: cc06b4c49dd36b64255bd1c03b8f13c970539ec324e3b979d7c76c769cfb5cea
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ab66018f10c2c9ba657f0c5eb1203d95fef8b9714fc67dfc60b8f4368005a0a7
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 87113072A1CE8682EB50CB15F89456AF3A0FB95BA4F805132E58DC6624FF7CE548CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A93F0 Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$FromOpenQueryStringValue
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2728539954-0
                                                                                                                                                                                                                                          • Opcode ID: 39e5959fbd98be97b91eb2f8a8cf09fee68a85b524f433fc34203a3049e8ee98
                                                                                                                                                                                                                                          • Instruction ID: bb321510e216ee9c6c2fe374107a8f8f9b22224b22fd72e383fc3a01605285fc
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 39e5959fbd98be97b91eb2f8a8cf09fee68a85b524f433fc34203a3049e8ee98
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B231A736A1CE8585EB508B21F44937AF3A0FB86B64F841131D58D96AA8EF7CD144CB10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0720 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 199COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegOpenKeyExW.KERNELBASE ref: 00007FF61D3A0A55
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegQueryValueExW.KERNELBASE ref: 00007FF61D3A0A97
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegCloseKey.KERNELBASE ref: 00007FF61D3A0AA6
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3A0A10: RegCloseKey.ADVAPI32 ref: 00007FF61D3A0ACF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38B900: RegOpenKeyExW.KERNELBASE ref: 00007FF61D38B943
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38B900: RegOpenKeyExW.ADVAPI32 ref: 00007FF61D38B97E
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38B900: RegQueryValueExW.ADVAPI32 ref: 00007FF61D38B9C0
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38B900: RegCloseKey.ADVAPI32 ref: 00007FF61D38B9CF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D38B900: RegCloseKey.ADVAPI32 ref: 00007FF61D38B9DA
                                                                                                                                                                                                                                          • SHGetSpecialFolderPathW.SHELL32 ref: 00007FF61D3A07E6
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32 ref: 00007FF61D3A07FE
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32 ref: 00007FF61D3A0844
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$Open$CreateDirectoryQueryValue$FolderHeapPathProcessSpecial
                                                                                                                                                                                                                                          • String ID: \config
                                                                                                                                                                                                                                          • API String ID: 3120066115-475124322
                                                                                                                                                                                                                                          • Opcode ID: 47b9b92a18e41da1c575b13af1400d2929332b73fb158789cde558191059ced6
                                                                                                                                                                                                                                          • Instruction ID: 41e9c10f7372a683b8e107adcb4578c511086a1607970bb0a575e31e43eb27c9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 47b9b92a18e41da1c575b13af1400d2929332b73fb158789cde558191059ced6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F881A132B18E5282EE509F29D44426DE3A1FB86FA4F408235DA9DC77A9EF3CE545C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A9040 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 150registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                                          • String ID: BHPUninstalled
                                                                                                                                                                                                                                          • API String ID: 3677997916-3539339586
                                                                                                                                                                                                                                          • Opcode ID: d24f0da8a403af4842714c8b6d22f0a362e433c309eb32c8c7c4b4c11433bf1d
                                                                                                                                                                                                                                          • Instruction ID: b37dae91752adfeeb0e8d0d1143c956d167d0c3551811c7d20afa3a21999543e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d24f0da8a403af4842714c8b6d22f0a362e433c309eb32c8c7c4b4c11433bf1d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 03718F77B05E8699EB40DF61C4912ED6370FB89F98F404226EE0D97A99EF38D646C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D389880 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 59registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseCreateQueryValue
                                                                                                                                                                                                                                          • String ID: ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 4083198587-4260244240
                                                                                                                                                                                                                                          • Opcode ID: 70f2fdaf3e23e404fbe236cdea4fa8ada1fb06b30778995b14fa37740f8271af
                                                                                                                                                                                                                                          • Instruction ID: 624ed5a62d531afb388b00d84f98238fba6cc05ae045c87ce7ea5f2249635802
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 70f2fdaf3e23e404fbe236cdea4fa8ada1fb06b30778995b14fa37740f8271af
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 54214872608B858AEB50CF65E45065AF7A0F789BA4F905126EB8D87B28EF7CD445CF00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AF39C Relevance: 6.1, APIs: 4, Instructions: 76COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3CC
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFD7C: std::bad_alloc::bad_alloc.LIBCMT ref: 00007FF61D3AFD85
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: IsProcessorFeaturePresent.KERNEL32 ref: 00007FF61D3AFB48
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: RtlCaptureContext.KERNEL32 ref: 00007FF61D3AFB75
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: RtlLookupFunctionEntry.KERNEL32 ref: 00007FF61D3AFB8F
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: RtlVirtualUnwind.KERNEL32 ref: 00007FF61D3AFBD0
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: IsDebuggerPresent.KERNEL32 ref: 00007FF61D3AFC24
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: SetUnhandledExceptionFilter.KERNEL32 ref: 00007FF61D3AFC41
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3AFB2C: UnhandledExceptionFilter.KERNEL32 ref: 00007FF61D3AFC4C
                                                                                                                                                                                                                                          • Concurrency::cancel_current_task.LIBCPMT ref: 00007FF61D3AF3D2
                                                                                                                                                                                                                                          • _set_fmode.LIBCMT ref: 00007FF61D3AF3EF
                                                                                                                                                                                                                                          • _RTC_Initialize.LIBCMT ref: 00007FF61D3AF410
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Concurrency::cancel_current_taskExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionInitializeLookupProcessorUnwindVirtual_set_fmodestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1376948099-0
                                                                                                                                                                                                                                          • Opcode ID: 910bfd42cc7707af4d5f5c6ab16b464813e107e71a84291511ba36caaaf686b5
                                                                                                                                                                                                                                          • Instruction ID: 1462cf3b5ee26ba552cf3c598a214043e6605d09b41751815994899e2593027c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 910bfd42cc7707af4d5f5c6ab16b464813e107e71a84291511ba36caaaf686b5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3521AC36F08E0746FE5873B244961B892814F9BF70F480535FA2DDA2E3FE5CA9424262
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38D2E0 Relevance: 6.0, APIs: 4, Instructions: 50registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$CreateValue
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1009429713-0
                                                                                                                                                                                                                                          • Opcode ID: 18b40c0061b6a5f18e6ccd3544ab86efd2519d6a396f9b0bf837ab26ca0408e9
                                                                                                                                                                                                                                          • Instruction ID: eb98836a3d301e0fa31a74f69109d4120f629a44ba87931fa2b807a93ed3bb95
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 18b40c0061b6a5f18e6ccd3544ab86efd2519d6a396f9b0bf837ab26ca0408e9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 84114C72B08B8587EB509B51B45566AA3A0FB9AF94F401135EA8E87B64EF7CD1448F00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38D3B0 Relevance: 6.0, APIs: 4, Instructions: 44registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1607946009-0
                                                                                                                                                                                                                                          • Opcode ID: 9c577f242c4c169b43a658c5dbae6d4e7d54f130c3663d1d7f4b598b7d41a645
                                                                                                                                                                                                                                          • Instruction ID: 929d990cba214b4af3a690a7fa39a81f0a56fb7031b716a9f17eefc40f914e4b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9c577f242c4c169b43a658c5dbae6d4e7d54f130c3663d1d7f4b598b7d41a645
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 94111C72618E8586EB509F11F44476AF3A0FB8AFD4F805135EA8E87B58EE3CD1448F00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A3280 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 232COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE ref: 00007FF61D3A32AF
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32 ref: 00007FF61D3A3509
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesCreateDirectoryFileHeapProcess
                                                                                                                                                                                                                                          • String ID: prolasso.ini
                                                                                                                                                                                                                                          • API String ID: 1869356818-4236559347
                                                                                                                                                                                                                                          • Opcode ID: 7d639b74c97629e2eb81d11110b15f5eb6d5f2aee3b04543be2a345f0092bb29
                                                                                                                                                                                                                                          • Instruction ID: 6c6bfcd3944e2c69a1ee326b6d21e4a912579fd3ed2e7d7d32780128a627277f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7d639b74c97629e2eb81d11110b15f5eb6d5f2aee3b04543be2a345f0092bb29
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9091AC32B19E4282EE509B29D54427DA3A0FF82FA4F445235EA5EC77E9EF7CE4408740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D388D30 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 203COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: HeapProcess
                                                                                                                                                                                                                                          • String ID: LogFolder$ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 54951025-592487278
                                                                                                                                                                                                                                          • Opcode ID: 8765f5ac4865ed512a8b46c6c90a14998339a2d382c866294ad77fefbb8b1ec2
                                                                                                                                                                                                                                          • Instruction ID: da32211ef9c520e13a3e845e48f8660648e6e41f3a0a655b2a37b1d9aa7b89d2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8765f5ac4865ed512a8b46c6c90a14998339a2d382c866294ad77fefbb8b1ec2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7F51B432A08F8152E6149B16A84156AE6A4FF85FE0F148739FF6D87B95EE3CD4118B40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D383120 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 172COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3819D0: GetProcessHeap.KERNEL32(?,?,?,00007FF61D3886CC,?,?,?,?,?,00007FF61D38101E), ref: 00007FF61D381A06
                                                                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE ref: 00007FF61D38330F
                                                                                                                                                                                                                                          • SHCreateDirectoryExW.SHELL32 ref: 00007FF61D383322
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3BA558: _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3BA58B
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AttributesCreateDirectoryFileHeapProcess_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: logs
                                                                                                                                                                                                                                          • API String ID: 1915183022-4035954268
                                                                                                                                                                                                                                          • Opcode ID: 7c712762b089134a296b2a568da2fde16a5e2c3115a0b52acff4f2d36722aee0
                                                                                                                                                                                                                                          • Instruction ID: 808628356f9277c36e943498ad564cf70cb67dd81a930ae7eb37924899c592e4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7c712762b089134a296b2a568da2fde16a5e2c3115a0b52acff4f2d36722aee0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ED517C32B08E4182EA109B26D4542ADA3A0BB86FB0F448735DEADC77E5EF7CD545D740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C21A0 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1703294689-0
                                                                                                                                                                                                                                          • Opcode ID: 7841900b9d0b28520cbb160c3016a95505cc2a3b240f8a1ca5d6ad236dbf8054
                                                                                                                                                                                                                                          • Instruction ID: 95f8a55b9f0601df02b15d2e5f0f7fd4cf10a287a22a543f1c3ae958d0efb9ce
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7841900b9d0b28520cbb160c3016a95505cc2a3b240f8a1ca5d6ad236dbf8054
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6DD09238B08F1683EB587BB29895178A3126F5AFA1F441939D90F86397ED6DA84DC700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3826A0 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 3215553584-4260244240
                                                                                                                                                                                                                                          • Opcode ID: ce60f580c955f431117541a9e2933e55f2af0125a73cce93f7834214855fdaf6
                                                                                                                                                                                                                                          • Instruction ID: 21fcc0075dbfe54d37ee46870727116476fb6a09b7c5d98465e865cd84fe5c3f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ce60f580c955f431117541a9e2933e55f2af0125a73cce93f7834214855fdaf6
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9231D539F08E4285FA149F5698842BDE391AF82FB0F544131EB0DC7787EE7DE4416640
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D382260 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 3215553584-4260244240
                                                                                                                                                                                                                                          • Opcode ID: cde0474fe0078f30123041bfc60625124fc2e483a772825b19740e2f564a3613
                                                                                                                                                                                                                                          • Instruction ID: 32cdd338e35bb32aac78587aa07166180317aefddaf0d4f1a119c6e0a9b2d15f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: cde0474fe0078f30123041bfc60625124fc2e483a772825b19740e2f564a3613
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 11215E3AA04F4582DA219F6AE44006DF7A0BB85FE0F558131DF5C87B96EE7DD8828740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AF4BC Relevance: 3.1, APIs: 2, Instructions: 94COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3070443116-0
                                                                                                                                                                                                                                          • Opcode ID: 542a4f94b7a6a2ca73274cfaa472e515a9730b10c6d22c943a791921a93d0467
                                                                                                                                                                                                                                          • Instruction ID: 6ad5a912186ebffa35f9cd1e34677fd3218a2550c8794a77ee9a4d898659d14c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 542a4f94b7a6a2ca73274cfaa472e515a9730b10c6d22c943a791921a93d0467
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E1313536B0CE0682FE64AB65A4513B9A3919F83BA4F944135E94DC72F7FE2CE8058640
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D39975D Relevance: 2.5, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CriticalFileSection$CloseCreateDefaultEnterHandleLanguageLeaveTimeUser
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2703258953-0
                                                                                                                                                                                                                                          • Opcode ID: 395d9a776d82313cf507da42ac647abcc9270f9eef72aabb263525d86a44e7c8
                                                                                                                                                                                                                                          • Instruction ID: 8f1f3b465f0696122e1fe243676280740b6e561c53fef57b52e75a9e90fdaf92
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 395d9a776d82313cf507da42ac647abcc9270f9eef72aabb263525d86a44e7c8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 40F06D32A19C4240EB45EB12E8121FAA315AB86B60F444032D91DC32A6EF7EE846C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A7310 Relevance: 1.6, APIs: 1, Instructions: 136COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3215553584-0
                                                                                                                                                                                                                                          • Opcode ID: 63d3a7f0528c4b7a7e50b9fd533093b302d36163cc3c4e144878321260c13eb3
                                                                                                                                                                                                                                          • Instruction ID: 7f02d3208a94cb48c1ddc9472509fed6c343d8dcc6bfd42a2a5ec036a52d74d7
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 63d3a7f0528c4b7a7e50b9fd533093b302d36163cc3c4e144878321260c13eb3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9F419E72B08F4686EE258F29D48427DA7A0FB86FA4F148235DA1DC77A5EF3CD9418740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C20D1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3947729631-0
                                                                                                                                                                                                                                          • Opcode ID: ec44fb93b1df0374a222fa0a5ab2a880191a19d40fe53c9b64cdde44d7fff015
                                                                                                                                                                                                                                          • Instruction ID: 2bcc21774d5613d6ec8788db25cd0684bdd38e3837126fb0d0c2cf823c1a813b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ec44fb93b1df0374a222fa0a5ab2a880191a19d40fe53c9b64cdde44d7fff015
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B219D3AE04B528AEB649F64C4803FC73A0EB05B28F44063AD72D86AD5EF38D585CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D381AD0 Relevance: 1.5, APIs: 1, Instructions: 49memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                          • Opcode ID: d77cdc0592d199bf7328cfcfbdefa1578017304a8e8bd54c3322816427059790
                                                                                                                                                                                                                                          • Instruction ID: c735f68c290c23722fb227f6c73201487d0f5a8d55dff597225baa4f5709211c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d77cdc0592d199bf7328cfcfbdefa1578017304a8e8bd54c3322816427059790
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8111A132B18A4282EB498B29E094168B291EB85F74B688334D63DC37D8FFBCD4849604
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C7E0C Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3215553584-0
                                                                                                                                                                                                                                          • Opcode ID: b31c7a8c2ee6f2fff953ccc852ec1c195fe8de550061add4bf8279e7fc773e40
                                                                                                                                                                                                                                          • Instruction ID: 31e2cb069ed5596262f3a20ec311a0dc8e4fece3019782bc98cf4bd45d4d1fec
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b31c7a8c2ee6f2fff953ccc852ec1c195fe8de550061add4bf8279e7fc773e40
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 87119A72908E52C2EB129B25E440479F3A4EB82FA0F190536EA5D877A2FF3CEC108700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C54F8 Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(?,?,00000000,00007FF61D3C4BE2,?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000), ref: 00007FF61D3C554D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                          • Opcode ID: 0adc4de1dd954cf7d2863a1e0dd463200106e5fccf175f98d4df3148d179d96d
                                                                                                                                                                                                                                          • Instruction ID: e092aaca784852a635dcd6fad21d08a9b50660c7853b50887d98cacc7cd71349
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0adc4de1dd954cf7d2863a1e0dd463200106e5fccf175f98d4df3148d179d96d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F1F04964B19E1745FE546A6698502B592A29F8BF61F4C5032C90FC63C2FD2CF8818220
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C3338 Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(?,?,?,00007FF61D3C55C9,?,?,00000000,00007FF61D3BAA8F,?,?,?,00007FF61D3C29FF,?,00000000,?,00007FF61D3C28F5), ref: 00007FF61D3C3376
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                          • Opcode ID: 39a72f962fa5d87b26771459081b53c97c7058b8ebc797d7edffeb51ddff35f1
                                                                                                                                                                                                                                          • Instruction ID: f10db1d3363baca0459f07526cc69dab215b65bc72e6a1ce48a481c1d6acb821
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 39a72f962fa5d87b26771459081b53c97c7058b8ebc797d7edffeb51ddff35f1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 28F05825F0DE1385FA642BA2984027991A09F87FB0F0C4636DC2ECA3D2FE6CA5804221
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AF15C Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • __scrt_dllmain_crt_thread_attach.LIBCMT ref: 00007FF61D3AF170
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3B1740: __vcrt_uninitialize_ptd.LIBVCRUNTIME ref: 00007FF61D3B1748
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3B1740: __vcrt_uninitialize_locks.LIBVCRUNTIME ref: 00007FF61D3B174D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __scrt_dllmain_crt_thread_attach__vcrt_uninitialize_locks__vcrt_uninitialize_ptd
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1208906642-0
                                                                                                                                                                                                                                          • Opcode ID: b0553f9049c197e5fe63817e025327a86ff4d22aa62ebe87b859457e03bc3ab5
                                                                                                                                                                                                                                          • Instruction ID: faa37a2429fb8ef6ea7c1f87bc7473300d1b2d1d5bfa821f5d612e80f9e55893
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b0553f9049c197e5fe63817e025327a86ff4d22aa62ebe87b859457e03bc3ab5
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ADE08C32F0DE0340FEA8223149822B993500F23F71F500078F44EC20E3BD0D348796A1
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                          Function 00007FF61D3AC280 Relevance: 35.2, APIs: 18, Strings: 2, Instructions: 234clipboardkeyboardmemoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Window$Clipboard$GlobalText$AllocAsyncClassCloseDataEmptyItemLockNameOpenStateUnlock
                                                                                                                                                                                                                                          • String ID: ---------------------------$Button
                                                                                                                                                                                                                                          • API String ID: 2440719195-4265534756
                                                                                                                                                                                                                                          • Opcode ID: 9072a6170efc47987a390a2d4c67a9ae4f8b244c563247de415f7b406d6832a1
                                                                                                                                                                                                                                          • Instruction ID: 08b66826885b0bc67fa01c316af229802d80725695590f8a886fd246c0170007
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9072a6170efc47987a390a2d4c67a9ae4f8b244c563247de415f7b406d6832a1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 72C14D36A09E8282EB559F19D540279B371FF96FA4F489231DA4E922A1FF3CE585C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AC690 Relevance: 25.8, APIs: 17, Instructions: 252memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Local$AllocFreeHandleLockModule
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2507078958-0
                                                                                                                                                                                                                                          • Opcode ID: e75cd8d87ca8e72fab78db17a343c1aed97e42ce9d121d4f7642cdba319b2de0
                                                                                                                                                                                                                                          • Instruction ID: cf9b108f92b59db9e394edb54f51e60e41c618200a1428e71149e26f59538d43
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e75cd8d87ca8e72fab78db17a343c1aed97e42ce9d121d4f7642cdba319b2de0
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DDB18236B18E8286EB649F25D8442B9A3A1FB86FA4F448231DE4DC77A4EF3CD545C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A6DF0 Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 113serviceCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Service$CloseHandleOpen$ConfigErrorLastManagerQuery
                                                                                                                                                                                                                                          • String ID: Schedule
                                                                                                                                                                                                                                          • API String ID: 3855100433-2739827629
                                                                                                                                                                                                                                          • Opcode ID: 04e3c75905809f679e3e95618becd9059e0f77c14d318f42dfc74626d3f63a81
                                                                                                                                                                                                                                          • Instruction ID: 007653011ee7d0fb1c8c5c843b6f5f271e599f3702ae645d823f754349789752
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 04e3c75905809f679e3e95618becd9059e0f77c14d318f42dfc74626d3f63a81
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C6411272B18F4583EB549B22E45432AB3A1FB8AFA0F444135DA4E87B64EF3CE445DB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A6FD0 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 64serviceCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • OpenSCManagerW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A6FED
                                                                                                                                                                                                                                          • OpenServiceW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A7023
                                                                                                                                                                                                                                          • QueryServiceStatus.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A704C
                                                                                                                                                                                                                                          • StartServiceW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A706C
                                                                                                                                                                                                                                          • CloseServiceHandle.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A7079
                                                                                                                                                                                                                                          • CloseServiceHandle.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF61D386AC4), ref: 00007FF61D3A7082
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Service$CloseHandleOpen$ManagerQueryStartStatus
                                                                                                                                                                                                                                          • String ID: Schedule
                                                                                                                                                                                                                                          • API String ID: 2710452061-2739827629
                                                                                                                                                                                                                                          • Opcode ID: 9b3cc1ed59dc56dfd3ee3041aad6a0ee264f26d3671a4308e90b21b330f22845
                                                                                                                                                                                                                                          • Instruction ID: 32b62e99af886e348bee761b853dbc5f41c532bb5755e43ded7e10a49aeb3b9c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9b3cc1ed59dc56dfd3ee3041aad6a0ee264f26d3671a4308e90b21b330f22845
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 92217772B18E4183EF55DB32A85413AB3A1BF8BFA0B445235D95FC67A4FF2CE4458A00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AFB2C Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 71COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                                                          • String ID: ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 3140674995-4260244240
                                                                                                                                                                                                                                          • Opcode ID: b4862b04c65fa44d6aec95b516da34a2b62a5c5ce4ac22060030a571383710ab
                                                                                                                                                                                                                                          • Instruction ID: 4e09c556a0450eabdb946abc46edce8aa7836c7b1cd79591bb986988c3c70d87
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b4862b04c65fa44d6aec95b516da34a2b62a5c5ce4ac22060030a571383710ab
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0D311D72709F8186EB609F60E8503E9A364FB85B58F44413ADB4D87B99EF78D548CB10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3BA02C Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1239891234-0
                                                                                                                                                                                                                                          • Opcode ID: 654cdbe3605baefcb7f1a53c9afaa846a9137f9a1e55ddc7c03086d7744b5ee8
                                                                                                                                                                                                                                          • Instruction ID: 4e1986a9a59048109bd0cc5d6b26793e10cbe52959a31b5f669388b158d4732f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 654cdbe3605baefcb7f1a53c9afaa846a9137f9a1e55ddc7c03086d7744b5ee8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B8317736618F8186DB60CF65E8402AEB3A4FB89B64F544136EB8D83B95EF3CD545CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AE5B8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • InitializeCriticalSectionEx.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D3ADAF8), ref: 00007FF61D3AE610
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D3ADAF8), ref: 00007FF61D3AE619
                                                                                                                                                                                                                                          • IsDebuggerPresent.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D3ADAF8), ref: 00007FF61D3AE631
                                                                                                                                                                                                                                          • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D3ADAF8), ref: 00007FF61D3AE642
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 00007FF61D3AE63B
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                          • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                          • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                          • Opcode ID: a6b38baa703573e54dd04a5653fa4d07580864c491b1b87a7f53083a225ea12f
                                                                                                                                                                                                                                          • Instruction ID: cc571ff1cdf847d7965e5305d121035f24f88eda35484e2e5b4c9d35106001e2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a6b38baa703573e54dd04a5653fa4d07580864c491b1b87a7f53083a225ea12f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C9118C32B14F8297FB449B22D6453B9B2A0FB05BA4F444235D64DC2AA0FF3CE0748B10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C6A94 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2227656907-0
                                                                                                                                                                                                                                          • Opcode ID: 825e194fbbbe3e22ad65da8da617fbc83707dd7fea39097ebb6b46172de40211
                                                                                                                                                                                                                                          • Instruction ID: eb11f667e5c19e6df0fc36bf6ecb5c5598b69c7aa7145d2d57f11e16948abd81
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 825e194fbbbe3e22ad65da8da617fbc83707dd7fea39097ebb6b46172de40211
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 11B18132B19EA241EA609B66D9042B9A350EB46FF4F445133EA5D87AA5FE7CF441D300
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C04C0 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 329COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: memcpy_s
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1502251526-3916222277
                                                                                                                                                                                                                                          • Opcode ID: 410d9816363a57b732192fd8862a22eaa28d4ced0536adc073eb692d23bba256
                                                                                                                                                                                                                                          • Instruction ID: 57e7634b4cad9d913dbe32d82c2508fb339b10dd8f1c0f1e15931b0199159d7f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 410d9816363a57b732192fd8862a22eaa28d4ced0536adc073eb692d23bba256
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FDC1D672B19AE687E724CF19E04866AF791F786B94F448136DB4A83744EF3CE905CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3ACC70 Relevance: 6.2, APIs: 4, Instructions: 191registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseFileModuleNameOpenQueryValue
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3617018055-0
                                                                                                                                                                                                                                          • Opcode ID: d166f7efd2b4a129ee50f3d30d7f667786954081199f53cd019dd627cb24cfbd
                                                                                                                                                                                                                                          • Instruction ID: b0d4607ee468deabaf0fd9b28892ed8cf58ed1e177ae2ed5eacaff1e25d8841c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d166f7efd2b4a129ee50f3d30d7f667786954081199f53cd019dd627cb24cfbd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5391AC76715E8185DB20DF24D4402BAB3B1FB96FA8F849232DA4D836A4FF78E645C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A2E60 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 110filelibraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileLoad$HandleString$CloseCreateLibraryModuleWrite
                                                                                                                                                                                                                                          • String ID: My First Profile
                                                                                                                                                                                                                                          • API String ID: 3934505703-3805887433
                                                                                                                                                                                                                                          • Opcode ID: 649a2d21f6085fb3c9bec027f2435fa40d1dc9114116155dd67cb5ff7e92993c
                                                                                                                                                                                                                                          • Instruction ID: 03c6968edc116273bb18a3a5ede45a556496ea3fd53b7502675ed06eb100670e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 649a2d21f6085fb3c9bec027f2435fa40d1dc9114116155dd67cb5ff7e92993c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BC514176B08E8282EB109F12E844669A360FB86FB4F544235DA5DC37A5EF7CE945CB40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B96E4 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 478COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: -$0$f$p$p
                                                                                                                                                                                                                                          • API String ID: 3215553584-1865143739
                                                                                                                                                                                                                                          • Opcode ID: bd4f149f2eb2a596cd3d60e8df525d1a70cabada9e73dc23b9df3ce12d0a1339
                                                                                                                                                                                                                                          • Instruction ID: 71800813b68358055153833f6b047f49d8a20536156f44ca49369d7ecca2a740
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bd4f149f2eb2a596cd3d60e8df525d1a70cabada9e73dc23b9df3ce12d0a1339
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9E12A032E0DD4386FB609A15D0546B9F691FB82F74F98C135E69A876C4EF7CE5808B20
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AEF78 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 21libraryloaderCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressProc$HandleModule
                                                                                                                                                                                                                                          • String ID: GetCurrentPackageId$GetSystemTimePreciseAsFileTime$GetTempPath2W$kernel32.dll
                                                                                                                                                                                                                                          • API String ID: 667068680-1247241052
                                                                                                                                                                                                                                          • Opcode ID: 2c22bf584bac9d13caa6b8643984287589cebbab3d13cf341694cc08deee8035
                                                                                                                                                                                                                                          • Instruction ID: 23daad6bc7f72f2e7c3443876aa34a4529e0c0979af8752585052ade24a7dc3b
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2c22bf584bac9d13caa6b8643984287589cebbab3d13cf341694cc08deee8035
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F5F07A78E19F0396EE049F91F895061A3A5BF4AF71B851135C84D87360FFBCA555C710
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3ACFF0 Relevance: 13.6, APIs: 9, Instructions: 109libraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Load$String$Library$HandleModule$Free
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2517587207-0
                                                                                                                                                                                                                                          • Opcode ID: dcd005fd64c950e684d1e95fa149e6d96a66c8118c5c4197a072a9906878df78
                                                                                                                                                                                                                                          • Instruction ID: 931386a4b7ca0377b4315cdab2f773c5732f26823c6b8efabd264d416e2e9fe8
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dcd005fd64c950e684d1e95fa149e6d96a66c8118c5c4197a072a9906878df78
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CE512071A0CE8286E761DB16E8446A9B7A0FF4AF64F444235C99DC76A5FF3CE505CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B8F5C Relevance: 12.7, APIs: 3, Strings: 4, Instructions: 489COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: 0$f$p$p
                                                                                                                                                                                                                                          • API String ID: 3215553584-1202675169
                                                                                                                                                                                                                                          • Opcode ID: 16c80322e2773b3f60471fc509b4159bc96100d75b4168ebdc0ea2582f84f6a8
                                                                                                                                                                                                                                          • Instruction ID: 4d5f8d66c8dd0d6de68c32593bcaa43e8c5e9d369c82937431986515aa6863bb
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 16c80322e2773b3f60471fc509b4159bc96100d75b4168ebdc0ea2582f84f6a8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 48129171E0CD4386FB209A25D04467AF695EB42F74F94C036E69E866C8EE3DE580DB20
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B2220 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 312COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                                          • String ID: csm$csm$csm
                                                                                                                                                                                                                                          • API String ID: 849930591-393685449
                                                                                                                                                                                                                                          • Opcode ID: f85208b587c3256c7066d3abc3063a19453584d64ae9d38adc879ffa6a0f386d
                                                                                                                                                                                                                                          • Instruction ID: 07c58fb8fe1aca503c99ecd5eb1bd2746b9cfbd54a2f339e6f09c0cf50a6d320
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f85208b587c3256c7066d3abc3063a19453584d64ae9d38adc879ffa6a0f386d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6FD19436A08F418AEB609F65D4813ADB7A0FB46BA8F104235EE4D977D5EF38E591C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C56B0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                                          • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                          • API String ID: 3013587201-537541572
                                                                                                                                                                                                                                          • Opcode ID: 4dfa4dc3fb04d006801614709fe4d8cc98a5ec1c07ee7d7a682daf30c68dd7b3
                                                                                                                                                                                                                                          • Instruction ID: 138a0e1d6d13c3fa269e388e356b49905fd70ae7824951dc5ba7962ec8a0c61f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4dfa4dc3fb04d006801614709fe4d8cc98a5ec1c07ee7d7a682daf30c68dd7b3
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 37419C75B19E6282EA169B16AC041B5A392BF46FF0F884236DD1DCB794FE3CF4858700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3993BA Relevance: 12.2, APIs: 8, Instructions: 210COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo$Cpp_errorThrow_std::_
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1015236146-0
                                                                                                                                                                                                                                          • Opcode ID: ec45004d44ff49eb7c2d7b72a7bb61bb2cf1e5fb8d44f0c7392aecb72184cf4b
                                                                                                                                                                                                                                          • Instruction ID: ff52bea4188e9866e217c5bb1cf55dccc4a9e1d023440b5e8f08374f14bd3be1
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ec45004d44ff49eb7c2d7b72a7bb61bb2cf1e5fb8d44f0c7392aecb72184cf4b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3861237398AA5796F64477B00C277BA90859F83BB0F119F3CE71DDB2D36C5D2810292A
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B64E0 Relevance: 11.0, APIs: 3, Strings: 3, Instructions: 475COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: f$p$p
                                                                                                                                                                                                                                          • API String ID: 3215553584-1995029353
                                                                                                                                                                                                                                          • Opcode ID: 8cd0e13b6ec317e31c30bd4dbd75af48eeaa2cdba1d857f2d020b9303d487a3c
                                                                                                                                                                                                                                          • Instruction ID: 0ee2b8f800c0cb38de0f64c2756038f9740fa5d3f28065524759a424e49d376a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8cd0e13b6ec317e31c30bd4dbd75af48eeaa2cdba1d857f2d020b9303d487a3c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 97129572E0CD4386FB609A15D05467AF665FB82F64F94C036D6C9CA6C6EE3DE580EB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A4910 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 241COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: P$gfffffff$gfffffff$true
                                                                                                                                                                                                                                          • API String ID: 0-3282438640
                                                                                                                                                                                                                                          • Opcode ID: bef4735d4554af740f92631d2fb62e6390cd8bba86a6956bda069db016198101
                                                                                                                                                                                                                                          • Instruction ID: ed91da8e7d1a72a49ec33cfc070dc7d442aa3d1f5b5d0d1c5a494cebba0f2ae4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bef4735d4554af740f92631d2fb62e6390cd8bba86a6956bda069db016198101
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5B81D372B08E8682EE10CB12B54416AE355EB95FE4F584135EE9DC77A9FE3CE081D301
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B4B4C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNEL32(?,?,?,00007FF61D3B4DFE,?,?,?,00007FF61D3B4AF0,?,?,?,00007FF61D3B1721), ref: 00007FF61D3B4BD1
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,00007FF61D3B4DFE,?,?,?,00007FF61D3B4AF0,?,?,?,00007FF61D3B1721), ref: 00007FF61D3B4BDF
                                                                                                                                                                                                                                          • LoadLibraryExW.KERNEL32(?,?,?,00007FF61D3B4DFE,?,?,?,00007FF61D3B4AF0,?,?,?,00007FF61D3B1721), ref: 00007FF61D3B4C09
                                                                                                                                                                                                                                          • FreeLibrary.KERNEL32(?,?,?,00007FF61D3B4DFE,?,?,?,00007FF61D3B4AF0,?,?,?,00007FF61D3B1721), ref: 00007FF61D3B4C77
                                                                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FF61D3B4DFE,?,?,?,00007FF61D3B4AF0,?,?,?,00007FF61D3B1721), ref: 00007FF61D3B4C83
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                                                          • String ID: api-ms-
                                                                                                                                                                                                                                          • API String ID: 2559590344-2084034818
                                                                                                                                                                                                                                          • Opcode ID: 9345470fa57081e161ea2cf244090d0b515fd7853dac98a98c27f364cbf8af83
                                                                                                                                                                                                                                          • Instruction ID: 95595b040df433a05e2b765dd321f359e1d481dd35c99e210530d62984330b57
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9345470fa57081e161ea2cf244090d0b515fd7853dac98a98c27f364cbf8af83
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F0319031B1AE42A2EE259B16A800579A394BF46FB8F598635DD2D87790FF3CE4418704
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C4A08 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Value$ErrorLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2506987500-0
                                                                                                                                                                                                                                          • Opcode ID: 714a0adf25d7ff4f1e6efb4d9f3a889b25f57ead503d3c222459c24d65ada49c
                                                                                                                                                                                                                                          • Instruction ID: a75c8f3604845d1a8d3157e815351db6ec62d5df92ef0bfe95e54ca7943c5120
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 714a0adf25d7ff4f1e6efb4d9f3a889b25f57ead503d3c222459c24d65ada49c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D218E34F08E6242FAA86721964503DE2929F46FF0F944736D83EC7AD6FE2CB4014704
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3CC968 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                                                          • String ID: CONOUT$
                                                                                                                                                                                                                                          • API String ID: 3230265001-3130406586
                                                                                                                                                                                                                                          • Opcode ID: 990094b972ffe71eb09b1b08769d7e9d6664f9c675fe5f09587181c67802811e
                                                                                                                                                                                                                                          • Instruction ID: 406c9504e95c5986d07cae84a0db015ede0d2e1ffeab887f9aa169105b589d70
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 990094b972ffe71eb09b1b08769d7e9d6664f9c675fe5f09587181c67802811e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EC114C31B18E4186E7509B52E854329A2A0BB8AFF4F444234EA5EC7798EF7CD8548B40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AED70 Relevance: 9.1, APIs: 6, Instructions: 94threadCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AcquireExclusiveLock$CurrentThreadsys_get_time
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 184115430-0
                                                                                                                                                                                                                                          • Opcode ID: 6403650f89abbb28bc2648f5c3e0e9995910bc5ff754577ac716691575b88633
                                                                                                                                                                                                                                          • Instruction ID: c571348087f75aeb0f79abb38c110bc88bfa057b42449ecb3d16d6e1d352f91c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6403650f89abbb28bc2648f5c3e0e9995910bc5ff754577ac716691575b88633
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AC413D32B18E4686EB648F10D440A38F3A0FB56FA5F484535DA4DD26A8EF3DEC95CB10
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B26F0 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 319COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Is_bad_exception_allowedstd::bad_alloc::bad_alloc
                                                                                                                                                                                                                                          • String ID: csm$csm$csm
                                                                                                                                                                                                                                          • API String ID: 3523768491-393685449
                                                                                                                                                                                                                                          • Opcode ID: a49b8795d672cb1a01a3c94349c022e1d153b6d7a62b6b70f420d6d929351b06
                                                                                                                                                                                                                                          • Instruction ID: 0fc026de364c9f84644335063e968403904eda8fa93afdedc492e54c325efa1c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a49b8795d672cb1a01a3c94349c022e1d153b6d7a62b6b70f420d6d929351b06
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ABE18676D18E928AE710DF24D4813ADB7A0FB46B68F158235DE4D876D6EF38E481C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C4B80 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4B8F
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4BC5
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4BF2
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4C03
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4C14
                                                                                                                                                                                                                                          • SetLastError.KERNEL32(?,?,?,00007FF61D3BA429,?,?,?,?,00007FF61D3C55E2,?,?,00000000,00007FF61D3BAA8F,?,?,?), ref: 00007FF61D3C4C2F
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Value$ErrorLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2506987500-0
                                                                                                                                                                                                                                          • Opcode ID: dde7c08fa17783c05be1ffc7cb565d546bdde56f7e09c288291a9d232cb3f247
                                                                                                                                                                                                                                          • Instruction ID: 702ccfb39e5575d2b93574fc0ba78b48eba5e17dc92f685e21d66986078f6fbe
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dde7c08fa17783c05be1ffc7cb565d546bdde56f7e09c288291a9d232cb3f247
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 00118E30B0CE6242FA646322A95113DE2915F46FF0F944736E93EC66D6FE6CB4004700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A9BD0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 99windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Active$BeepLastMessagePopupVersionWindow
                                                                                                                                                                                                                                          • String ID: Process Lasso
                                                                                                                                                                                                                                          • API String ID: 443910678-1212517334
                                                                                                                                                                                                                                          • Opcode ID: e38d5988dbdcd268eafdeba1b978b60b25dbb6f1832353c190bf11f9a2edb878
                                                                                                                                                                                                                                          • Instruction ID: a503a9f878b577251309b599a8beb944bdd7257a0afe87942c7ef3c8c077da6c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e38d5988dbdcd268eafdeba1b978b60b25dbb6f1832353c190bf11f9a2edb878
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 25419672719D8282EB649F11E4443AAB7A0FB86FA0F845135EA4DD26E9FF3CD544CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C2204 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                          • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                          • Opcode ID: 938d3e1025252d6c78384ba8933e2b9f0e30e47fcf125257cf530f626aae4647
                                                                                                                                                                                                                                          • Instruction ID: 72fffc807acdd0945be43b31e9888c7130e01788bf509a87c3eea753c74abfae
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 938d3e1025252d6c78384ba8933e2b9f0e30e47fcf125257cf530f626aae4647
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 32F04F75B19F0682EB108B64E455339A361EF86FB1FD40336DA6E852E4EF2CE044CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B1AF0 Relevance: 7.8, APIs: 5, Instructions: 290COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: AdjustPointer
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1740715915-0
                                                                                                                                                                                                                                          • Opcode ID: a6c292cd952d21b22692cf1a8ab2d7c62d2634228ba6298753fb2cbdf7902857
                                                                                                                                                                                                                                          • Instruction ID: 9d0411b4b2673877cfcc5a6345ccd72a109fa2f5c689acf71221e73d0554d2db
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a6c292cd952d21b22692cf1a8ab2d7c62d2634228ba6298753fb2cbdf7902857
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7DB1AE32E0AE5681EA65DB11948027AE7A0EF46FA4F09C635DA4D877D5FF7CE442C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AFF30 Relevance: 7.6, APIs: 5, Instructions: 137memoryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharMultiWide$AllocString
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 262959230-0
                                                                                                                                                                                                                                          • Opcode ID: a0d6f1fc862629fa0e4cb7e8bc56810707a2ea814486d9ac555a23600893dabf
                                                                                                                                                                                                                                          • Instruction ID: 9683b97f4d7924e8b93fcaebc6f9edb7ce3f93b054209d5a79fbc46897add16c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a0d6f1fc862629fa0e4cb7e8bc56810707a2ea814486d9ac555a23600893dabf
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 40419F32B08E468AEB149F2194503B9E391EF46FB4F148635E9ADC77E5EE7DE1418700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3CC5C8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: _set_statfp
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1156100317-0
                                                                                                                                                                                                                                          • Opcode ID: f28776d55c10eb7d177062c5064588f4ec1541889b7918308e505bf18f8973e9
                                                                                                                                                                                                                                          • Instruction ID: 04faa64e64fd884abc3feb8eff0c5fc050365a75d1d954086b4091006faa19cd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f28776d55c10eb7d177062c5064588f4ec1541889b7918308e505bf18f8973e9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8011E336E5CE2301F6541228DA513B991806F57B74F1C1637FA6FC62E6AE2CA8619140
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C4C48 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • FlsGetValue.KERNEL32(?,?,?,00007FF61D3B9FBB,?,?,00000000,00007FF61D3BA256,?,?,?,?,?,00007FF61D3BA1E2), ref: 00007FF61D3C4C67
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3B9FBB,?,?,00000000,00007FF61D3BA256,?,?,?,?,?,00007FF61D3BA1E2), ref: 00007FF61D3C4C86
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3B9FBB,?,?,00000000,00007FF61D3BA256,?,?,?,?,?,00007FF61D3BA1E2), ref: 00007FF61D3C4CAE
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3B9FBB,?,?,00000000,00007FF61D3BA256,?,?,?,?,?,00007FF61D3BA1E2), ref: 00007FF61D3C4CBF
                                                                                                                                                                                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FF61D3B9FBB,?,?,00000000,00007FF61D3BA256,?,?,?,?,?,00007FF61D3BA1E2), ref: 00007FF61D3C4CD0
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Value
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3702945584-0
                                                                                                                                                                                                                                          • Opcode ID: 6feeac366f0896aa7b390c897afeaa99322bd85c02e936d6a1c2d6f2812dc099
                                                                                                                                                                                                                                          • Instruction ID: 3fd39e54dc341326fd10823eb57d34851cf30a09db746e844011bc6c60b9617f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6feeac366f0896aa7b390c897afeaa99322bd85c02e936d6a1c2d6f2812dc099
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C0116D30F08E6251FA5863269951139E2916F46FF0F848736D83D8A6EAFE2CF4018201
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A0010 Relevance: 7.6, APIs: 5, Instructions: 53filetimeCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: File$CloseHandle$CreateSizeTime
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 492692993-0
                                                                                                                                                                                                                                          • Opcode ID: 02590b97e5d636f7b752d0ec1d1feb90cc3961c17d37a2390de5a035181ea63d
                                                                                                                                                                                                                                          • Instruction ID: 44a7173b1e7cf17a4b407445db3322da887e561e423ca4e88d7351b9bbc6457a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 02590b97e5d636f7b752d0ec1d1feb90cc3961c17d37a2390de5a035181ea63d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0A210332A08E5686EB50CB15E454269F3A0FB86BB4F544235DA5DC27A4EF7CE945CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C4ADC Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Value
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 3702945584-0
                                                                                                                                                                                                                                          • Opcode ID: 12b867e8162fc369baf422574f52d8133ad84033ade510edb3ac186e9c921436
                                                                                                                                                                                                                                          • Instruction ID: da8f1d5eccf1456d3d9c33b85ec712de2f3da9790786b5deb826f158b0fe5995
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 12b867e8162fc369baf422574f52d8133ad84033ade510edb3ac186e9c921436
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D113070F4CE2741FD686325985227992514F47FB0F940736D97ECA2D2FD6CB8015211
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A4840 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 226COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: gfffffff$true
                                                                                                                                                                                                                                          • API String ID: 0-952935935
                                                                                                                                                                                                                                          • Opcode ID: 4cd49620a502763fca666fa0dacdf76aa776ed8ab562f65f132b7ea915a8bc41
                                                                                                                                                                                                                                          • Instruction ID: b07bb61b289401404e40bec85d653055ab29f0a7c9d6d1d30e41e2c3549a4051
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4cd49620a502763fca666fa0dacdf76aa776ed8ab562f65f132b7ea915a8bc41
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F981A172B14E8982EE14CB16E444169A351FB8AFE4F588635EEADC7798EF3CE451D300
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B2E64 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 190COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                                                          • String ID: MOC$RCC
                                                                                                                                                                                                                                          • API String ID: 3544855599-2084237596
                                                                                                                                                                                                                                          • Opcode ID: 212f01c34a750fe74e91177d503426e4a6dc02d5449a1c3a88fb1c9c186c3c0e
                                                                                                                                                                                                                                          • Instruction ID: f01b2602ca0e52065f9a046202a14de742721fd9a9f110be48e67fbd0e775c91
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 212f01c34a750fe74e91177d503426e4a6dc02d5449a1c3a88fb1c9c186c3c0e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F391A473A08F918AE711DF64D4402ADBBA0FB46B98F148129EE8D97795EF38D155CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B1500 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                                                          • String ID: csm
                                                                                                                                                                                                                                          • API String ID: 2395640692-1018135373
                                                                                                                                                                                                                                          • Opcode ID: e0a5315dfbcc5ebf6141dd23b80c61353739f913c520fa19914abd61c4ed1fc1
                                                                                                                                                                                                                                          • Instruction ID: 07a9b4b24eca3db3a05bad79418f761096f0eae66bdb29a3f3d595fb9aadaf73
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e0a5315dfbcc5ebf6141dd23b80c61353739f913c520fa19914abd61c4ed1fc1
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0C518F32B19E028ADB54CB15E444B78B395EB56FA8F548231EE4E87788EF7DE841C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B33E4 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                                                          • String ID: csm$csm
                                                                                                                                                                                                                                          • API String ID: 3896166516-3733052814
                                                                                                                                                                                                                                          • Opcode ID: e7ab8bc18abfd509529a0087b2cd4233c4fe48ef872db3fb014b4b5aa41984f9
                                                                                                                                                                                                                                          • Instruction ID: 091054523b110d3837c556fe2bdd0c45dbb63c965dfc9533fe1156d840a9f645
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e7ab8bc18abfd509529a0087b2cd4233c4fe48ef872db3fb014b4b5aa41984f9
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 63517D32908E9286EB648F159584369B7A0FB56FA4F148136DE9D87BD5EF3CF450CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3C24F8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 111COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • _invalid_parameter_noinfo.LIBCMT ref: 00007FF61D3C252A
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3C32FC: HeapFree.KERNEL32(?,?,?,00007FF61D3C81EA,?,?,?,00007FF61D3C8227,?,?,00000000,00007FF61D3C855C,?,?,?,00007FF61D3C848F), ref: 00007FF61D3C3312
                                                                                                                                                                                                                                            • Part of subcall function 00007FF61D3C32FC: GetLastError.KERNEL32(?,?,?,00007FF61D3C81EA,?,?,?,00007FF61D3C8227,?,?,00000000,00007FF61D3C855C,?,?,?,00007FF61D3C848F), ref: 00007FF61D3C331C
                                                                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(?,?,FFFFFFFF,?,ProcessLasso,00007FF61D3AF42D,?,?,?,?,?,?,?,00007FF61D389F2B), ref: 00007FF61D3C2548
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: C:\Users\user\Desktop\PostUpdate.exe$ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 3580290477-1864471491
                                                                                                                                                                                                                                          • Opcode ID: 45d4ea57988e913832bd2b7b71231a5125c0e1837df7bb4a6b9dbb469cb9cddb
                                                                                                                                                                                                                                          • Instruction ID: a93e9d8856444b0d96e4592907d60ed73ca127206740348b7990347545d5765a
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 45d4ea57988e913832bd2b7b71231a5125c0e1837df7bb4a6b9dbb469cb9cddb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4241C536A08F2286EB15DF25E8910B9F394EF46FE4F544036E94D83B95EE3DE8818310
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3CA14C Relevance: 6.3, APIs: 4, Instructions: 305fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2718003287-0
                                                                                                                                                                                                                                          • Opcode ID: 96ec082de6efeaf2c0e0abf3f1e0f2e38255d9085190eb30a5b99049a85aa78e
                                                                                                                                                                                                                                          • Instruction ID: 42283c210fbfd2deda6c84cdd76068f9229ebde73226c7718ca605edfb19abd6
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 96ec082de6efeaf2c0e0abf3f1e0f2e38255d9085190eb30a5b99049a85aa78e
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A5D1D372B18E9189E710CFB5D4402ADB7B1FB45BA8F148236DE8D97B99EE38D446C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3CAA90 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FF61D3CAA30), ref: 00007FF61D3CABB3
                                                                                                                                                                                                                                          • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FF61D3CAA30), ref: 00007FF61D3CAC3D
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 953036326-0
                                                                                                                                                                                                                                          • Opcode ID: ba73c2a6c830b0e01033f19e5f5ac2333b4e7b4b09b9ed8e1402294b1c33b3ce
                                                                                                                                                                                                                                          • Instruction ID: bf4f1493cb26d224dcd2aaaf11d5ffeb1123eab1ffc75dd07aa50bea65f7edd4
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ba73c2a6c830b0e01033f19e5f5ac2333b4e7b4b09b9ed8e1402294b1c33b3ce
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1791B272E18E6286F7508B6598546BEA7A0FB06FA8F444137DE0ED7694FF38D482C710
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D38ACA0 Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ConditionMask$InfoVerifyVersion
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2793162063-0
                                                                                                                                                                                                                                          • Opcode ID: b47bed307cdee2bfbd75fa7c28f5c28f3c7f1429d6508cab238c0b56bc185841
                                                                                                                                                                                                                                          • Instruction ID: 98ab36cc91c1add6a642348e7d8b82cc03c5248b98784c81023b4f29599cacae
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b47bed307cdee2bfbd75fa7c28f5c28f3c7f1429d6508cab238c0b56bc185841
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8911E932608A8196D735CF22E5853EAB3A1FB89B54F404225DA9D87B58EF7CE115CF40
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3851D0 Relevance: 6.0, APIs: 4, Instructions: 40libraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Load$String$HandleLibraryModule
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2387318791-0
                                                                                                                                                                                                                                          • Opcode ID: 19a0955cb4d97ac73b47aceccd7c886a66febd6799030f87906649ee3c3b736a
                                                                                                                                                                                                                                          • Instruction ID: 13c1476e4e7e2b6c2a91746cdd830a0accfbb629b27806e77c9fa2b66b26eb63
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 19a0955cb4d97ac73b47aceccd7c886a66febd6799030f87906649ee3c3b736a
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F0015232B18E4282EB509B66F840579A794BF9AFE4F481131DE4ED3795EF2CE9819700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3AFD9C Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 2933794660-0
                                                                                                                                                                                                                                          • Opcode ID: 8e493558126af3492c8731200ce4aaae9faba6a1ed4b29344c95cbbdd31edb34
                                                                                                                                                                                                                                          • Instruction ID: 3d7de6248e3dd0dd591097579fbbe335753b45d1488332aa4fd48a50d3d2d0d0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8e493558126af3492c8731200ce4aaae9faba6a1ed4b29344c95cbbdd31edb34
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C5115E36B14F058AEB00CF60E8442B873A4F71AB68F441E31DA6D827A4EF3CD954C340
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A9DB0 Relevance: 6.0, APIs: 4, Instructions: 31windowCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Paint$BeginDrawIconLongWindow
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1892919229-0
                                                                                                                                                                                                                                          • Opcode ID: b19348ce44926a936127c34b8ca79a6b72737350fc4d50ff6e57c6ac395588a8
                                                                                                                                                                                                                                          • Instruction ID: 568b264b4633bed92c7f40082a4e6a8bd6bb649b54b334fa8b9de2bfadadd008
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b19348ce44926a936127c34b8ca79a6b72737350fc4d50ff6e57c6ac395588a8
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FFF03635B18E4182EA608B75B955369A391BB8EF94F944230DE4D87769EE3CD1058B00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A4460 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 215COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                          • String ID: true
                                                                                                                                                                                                                                          • API String ID: 0-4261170317
                                                                                                                                                                                                                                          • Opcode ID: 37c685a535978942704be1c08177c0d5b45372172b94b709901debf567a611fd
                                                                                                                                                                                                                                          • Instruction ID: 8b1d4ecff66151269249da092e3d3a76f11b71db3b31322efeb217d631fb5092
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 37c685a535978942704be1c08177c0d5b45372172b94b709901debf567a611fd
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 75818E72718B8582EE108B15E58416AB7A4FB49BF4F584635EEAD877E8EF7CE440C300
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3848A0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 177COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Concurrency::cancel_current_task_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                          • String ID: vector too long
                                                                                                                                                                                                                                          • API String ID: 73155330-2873823879
                                                                                                                                                                                                                                          • Opcode ID: ae3be65712cf2a37d074e284fe5d3683525c79a99f3f93cb4aa9143417b27761
                                                                                                                                                                                                                                          • Instruction ID: e1c465927bc3792126f86ec1f39c0a86a32480406828a32136aeed1f3fa0d5a0
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ae3be65712cf2a37d074e284fe5d3683525c79a99f3f93cb4aa9143417b27761
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7B51B132B08F8182DA60CB59E54026DB7A5EB46FE4F644239EA9D8BB85EF3CD051D300
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B361C Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: __except_validate_context_record
                                                                                                                                                                                                                                          • String ID: csm$csm
                                                                                                                                                                                                                                          • API String ID: 1467352782-3733052814
                                                                                                                                                                                                                                          • Opcode ID: c8cbcb4a935f34ab49b0f965fe3dcdfc290b9cf4c4ef67020b4c8690a6a8268f
                                                                                                                                                                                                                                          • Instruction ID: fb9fe59654488704e102c7884123c624d7a02a3e930c410819d119cab422d364
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c8cbcb4a935f34ab49b0f965fe3dcdfc290b9cf4c4ef67020b4c8690a6a8268f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AF71CF72A08EA186DB648B65948077DBBA0FB46FA5F04C135DE4C87AC9EF2CE455C701
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B2BF4 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: EncodePointer
                                                                                                                                                                                                                                          • String ID: MOC$RCC
                                                                                                                                                                                                                                          • API String ID: 2118026453-2084237596
                                                                                                                                                                                                                                          • Opcode ID: facb409be56bddc73def136a992894825ff6c64311da085ab88359a3e23dd48d
                                                                                                                                                                                                                                          • Instruction ID: b2c8ad19b9480489e58eeb7ebcc00326ee911f4aa2b6d4bf6ed444b398395289
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: facb409be56bddc73def136a992894825ff6c64311da085ab88359a3e23dd48d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 07616236908F8585D7619B15E4803AAF7A0FB86B94F048335EB9D47B99EF7CE194CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B3CB4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 117COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CreateFrameInfo__except_validate_context_record
                                                                                                                                                                                                                                          • String ID: csm
                                                                                                                                                                                                                                          • API String ID: 2558813199-1018135373
                                                                                                                                                                                                                                          • Opcode ID: 8ad02b260869f0896f958332105622fb18e37bc3a7445f06e41fb617cea31ab2
                                                                                                                                                                                                                                          • Instruction ID: 435ef522958a7d53d3d86b62c3eaf1fe26965843e2507f92aaf5d394c402c74d
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8ad02b260869f0896f958332105622fb18e37bc3a7445f06e41fb617cea31ab2
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7251A037A19F9182D620DB15E5412AEB7A4FB8AFA0F144235DF8D87B95EF39E450CB00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3843E0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 116COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Concurrency::cancel_current_task_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                          • String ID: ProcessLasso
                                                                                                                                                                                                                                          • API String ID: 73155330-4260244240
                                                                                                                                                                                                                                          • Opcode ID: e27d890b0850b5ea815c6aa37227a7230310ee28782fe14ec910789d126f8efb
                                                                                                                                                                                                                                          • Instruction ID: fdb6c87eb64e2cb82f1ff020c3a4acf47b0a8e8b42c854ba7cf042949fe1ccf2
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e27d890b0850b5ea815c6aa37227a7230310ee28782fe14ec910789d126f8efb
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9441D472B09F8581EE109B12A50426EE356AB46FF0F580735DEADCBBD6EE7CE0419300
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3CA7F8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ErrorFileLastWrite
                                                                                                                                                                                                                                          • String ID: U
                                                                                                                                                                                                                                          • API String ID: 442123175-4171548499
                                                                                                                                                                                                                                          • Opcode ID: 1e257e5bf337ba7674170a036b108d7502fe9ffa81b68ef0043970e7d3f3121c
                                                                                                                                                                                                                                          • Instruction ID: ac4750394a34f4f958d8a6cdb75763f8d09a037b30d5a11c42425f20ea2e9c5e
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1e257e5bf337ba7674170a036b108d7502fe9ffa81b68ef0043970e7d3f3121c
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F941B432B18E5582DB60CF25E4443AAA760FB85BA4F554132EE4DC7798EF3CD442C700
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3A36A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62fileCOMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: CloseDeleteFileHandleHeapProcess
                                                                                                                                                                                                                                          • String ID: \.pl-lock
                                                                                                                                                                                                                                          • API String ID: 3954262013-2455201285
                                                                                                                                                                                                                                          • Opcode ID: e21c178cec99c346edf9bd45d646009d7024cea99f885590e2ca8d17be23ee0b
                                                                                                                                                                                                                                          • Instruction ID: fda176b60c4d620498cafc363a4637f4e2daa49ac76ee08efb7058fd3884787f
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e21c178cec99c346edf9bd45d646009d7024cea99f885590e2ca8d17be23ee0b
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A9118C72B08E4282EE149B15E851269A3A0FF8AFB4F444331DA5D873F5EF6CD944C740
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3B1450 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          • RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D381831,?,?,?,?,00007FF61D3887CE), ref: 00007FF61D3B14A0
                                                                                                                                                                                                                                          • RaiseException.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF61D381831,?,?,?,?,00007FF61D3887CE), ref: 00007FF61D3B14E1
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                                                          • String ID: csm
                                                                                                                                                                                                                                          • API String ID: 2573137834-1018135373
                                                                                                                                                                                                                                          • Opcode ID: 04124c17781e69ed753c2a6477849d25da94e132d275fdf1b46bccc5a5a3e01f
                                                                                                                                                                                                                                          • Instruction ID: fc10ff7dd9c9e01eb200b88ae8fbc843491fdf1e6d0199d2107d7325fd6186e9
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 04124c17781e69ed753c2a6477849d25da94e132d275fdf1b46bccc5a5a3e01f
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BC111C32618F4182EB218B15E44025AB7E5FB89B94F588331DA8C47798EF3CD5518B00
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D3902B0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: BaseCurrentModuleNameProcess_invalid_parameter_noinfo
                                                                                                                                                                                                                                          • String ID: processgovernor.exe
                                                                                                                                                                                                                                          • API String ID: 1937074306-3269163351
                                                                                                                                                                                                                                          • Opcode ID: 1773bc8f193dd170680c4a55337389fa539ab1ae906fce2b9313da2bd3d9158d
                                                                                                                                                                                                                                          • Instruction ID: a3cc674ee66dde25ad6b3f945e2678250d9e96bc707eb53f411f533010b61dab
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1773bc8f193dd170680c4a55337389fa539ab1ae906fce2b9313da2bd3d9158d
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EAF0A435B28E4682FB50A722E4553B69350BF95F90F848031DD4EC7699FE3CE105CB50
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF61D385D40 Relevance: 5.2, APIs: 4, Instructions: 154COMMON
                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000004.00000002.1727159344.00007FF61D381000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00007FF61D380000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727134730.00007FF61D380000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727238245.00007FF61D3D1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3E9000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727274753.00007FF61D3EF000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D3F1000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000004.00000002.1727331755.00007FF61D429000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_4_2_7ff61d380000_PostUpdate.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                          • API String ID: 1717984340-0
                                                                                                                                                                                                                                          • Opcode ID: c6738c28a858470359f5c126c308c9063ef4206405ea709a04d6db27ed3dc594
                                                                                                                                                                                                                                          • Instruction ID: 1789df25d4dc24d97692e3fa1464bb49981fcd6f136811b914b2b6c8810c077c
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c6738c28a858470359f5c126c308c9063ef4206405ea709a04d6db27ed3dc594
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4151C032A09F4282FB649B219905339D295BF46FB4F288235DA5DC6BC9FE7CF4519600
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                          Execution Coverage:4%
                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                          Signature Coverage:9.1%
                                                                                                                                                                                                                                          Total number of Nodes:1010
                                                                                                                                                                                                                                          Total number of Limit Nodes:17
                                                                                                                                                                                                                                          execution_graph 10017 7ff714b6e224 10018 7ff714b6e241 10017->10018 10019 7ff714b6e232 GetLastError ExitThread 10017->10019 10020 7ff714b71360 BuildCatchObjectHelperInternal 53 API calls 10018->10020 10021 7ff714b6e246 10020->10021 10030 7ff714b71eec 10021->10030 10023 7ff714b6e25f 10034 7ff714b629b0 10023->10034 10031 7ff714b71efc 10030->10031 10033 7ff714b6e252 10030->10033 10031->10033 10045 7ff714b71bc4 10031->10045 10033->10023 10039 7ff714b71df8 10033->10039 10048 7ff714b61bc0 GetCurrentProcessId ProcessIdToSessionId 10034->10048 10040 7ff714b719ac BuildCatchObjectHelperInternal 5 API calls 10039->10040 10041 7ff714b71e1f 10040->10041 10041->10023 10046 7ff714b719ac BuildCatchObjectHelperInternal 5 API calls 10045->10046 10047 7ff714b71bec 10046->10047 10047->10033 10049 7ff714b61c29 10048->10049 10091 7ff714b61f0f 10048->10091 10099 7ff714b651a0 10049->10099 10050 7ff714b63730 std::_Throw_Cpp_error 8 API calls 10052 7ff714b61f5d 10050->10052 10092 7ff714b652fc GetCurrentThreadId 10052->10092 10054 7ff714b61f98 10056 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 10054->10056 10055 7ff714b61fa3 10058 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 10055->10058 10056->10055 10060 7ff714b61fb3 10058->10060 10177 7ff714b61060 10060->10177 10064 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10065 7ff714b61cbb 10064->10065 10066 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10065->10066 10067 7ff714b61ce2 10066->10067 10068 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10067->10068 10069 7ff714b61d09 10068->10069 10070 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10069->10070 10072 7ff714b61d30 10070->10072 10134 7ff714b62fa0 10072->10134 10076 7ff714b61d6b 10077 7ff714b61d91 GetForegroundWindow 10076->10077 10078 7ff714b61db8 GetLastInputInfo 10076->10078 10079 7ff714b61da1 GetWindowThreadProcessId 10076->10079 10077->10076 10077->10078 10080 7ff714b651a0 14 API calls 10078->10080 10079->10078 10087 7ff714b61dd5 memcpy_s 10080->10087 10081 7ff714b61f8d 10083 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 10081->10083 10082 7ff714b61f7e 10084 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 10082->10084 10083->10054 10084->10081 10085 7ff714b61b60 55 API calls 10085->10087 10086 7ff714b61e7f GetCurrentProcess NtQueryInformationProcess 10086->10087 10087->10081 10087->10082 10087->10085 10087->10086 10088 7ff714b651a8 ReleaseSRWLockExclusive 10087->10088 10090 7ff714b6e43c 53 API calls 10087->10090 10089 7ff714b61efa WaitForSingleObject 10088->10089 10089->10077 10089->10091 10090->10087 10091->10050 10404 7ff714b65628 10092->10404 10100 7ff714b651c8 GetCurrentThreadId 10099->10100 10101 7ff714b65207 10100->10101 10102 7ff714b65221 10100->10102 10103 7ff714b6520c AcquireSRWLockExclusive 10101->10103 10107 7ff714b65219 10101->10107 10104 7ff714b6523a 10102->10104 10105 7ff714b65226 10102->10105 10103->10107 10108 7ff714b6527f 10104->10108 10113 7ff714b65248 10104->10113 10106 7ff714b6522e AcquireSRWLockExclusive 10105->10106 10105->10107 10106->10107 10111 7ff714b63730 std::_Throw_Cpp_error 8 API calls 10107->10111 10108->10107 10109 7ff714b65287 TryAcquireSRWLockExclusive 10108->10109 10109->10107 10112 7ff714b61c35 10111->10112 10112->10054 10112->10055 10115 7ff714b651a8 10112->10115 10113->10107 10114 7ff714b6526f TryAcquireSRWLockExclusive 10113->10114 10181 7ff714b65524 10113->10181 10114->10107 10114->10113 10116 7ff714b61c59 10115->10116 10117 7ff714b651b2 ReleaseSRWLockExclusive 10115->10117 10118 7ff714b61200 10116->10118 10117->10116 10119 7ff714b61283 10118->10119 10120 7ff714b61221 10118->10120 10121 7ff714b61308 10119->10121 10123 7ff714b637bc 3 API calls 10119->10123 10190 7ff714b637bc AcquireSRWLockExclusive 10120->10190 10121->10060 10121->10064 10125 7ff714b61299 10123->10125 10125->10121 10195 7ff714b63a5c 10125->10195 10214 7ff714b61490 10134->10214 10136 7ff714b61d5c 10137 7ff714b629e0 10136->10137 10138 7ff714b61200 63 API calls 10137->10138 10139 7ff714b62a15 10138->10139 10140 7ff714b62cfb 10139->10140 10143 7ff714b62a4e 10139->10143 10144 7ff714b62a43 10139->10144 10141 7ff714b61060 2 API calls 10140->10141 10142 7ff714b62d06 10141->10142 10145 7ff714b61060 2 API calls 10142->10145 10147 7ff714b619d0 57 API calls 10143->10147 10146 7ff714b61660 67 API calls 10144->10146 10148 7ff714b62d11 10145->10148 10149 7ff714b62a4c 10146->10149 10147->10149 10149->10140 10150 7ff714b62b31 RegCreateKeyExW 10149->10150 10176 7ff714b62c1f 10149->10176 10151 7ff714b62b7a RegQueryValueExW 10150->10151 10175 7ff714b62c49 10150->10175 10152 7ff714b62bbd RegCloseKey 10151->10152 10153 7ff714b62c43 RegCloseKey 10151->10153 10155 7ff714b61200 63 API calls 10152->10155 10153->10175 10154 7ff714b61200 63 API calls 10157 7ff714b62c81 10154->10157 10158 7ff714b62bce 10155->10158 10156 7ff714b63730 std::_Throw_Cpp_error 8 API calls 10159 7ff714b62c5e 10156->10159 10160 7ff714b62c89 10157->10160 10161 7ff714b62cf1 10157->10161 10158->10142 10167 7ff714b62bf5 10158->10167 10168 7ff714b62c00 10158->10168 10159->10076 10163 7ff714b62cae 10160->10163 10164 7ff714b62ca4 10160->10164 10162 7ff714b61060 2 API calls 10161->10162 10162->10140 10166 7ff714b619d0 57 API calls 10163->10166 10165 7ff714b61660 67 API calls 10164->10165 10169 7ff714b62cac 10165->10169 10166->10169 10170 7ff714b61660 67 API calls 10167->10170 10171 7ff714b619d0 57 API calls 10168->10171 10173 7ff714b62d20 68 API calls 10169->10173 10172 7ff714b62bfe 10170->10172 10171->10172 10375 7ff714b62d20 10172->10375 10173->10175 10175->10156 10176->10154 10178 7ff714b61070 10177->10178 10179 7ff714b665c0 std::_Throw_Cpp_error 2 API calls 10178->10179 10180 7ff714b61081 10179->10180 10184 7ff714b65560 10181->10184 10187 7ff714b656a4 10184->10187 10188 7ff714b656b7 GetSystemTimeAsFileTime 10187->10188 10189 7ff714b656b0 10187->10189 10189->10188 10191 7ff714b637d2 10190->10191 10193 7ff714b637dc SleepConditionVariableSRW 10191->10193 10194 7ff714b637d7 ReleaseSRWLockExclusive 10191->10194 10193->10191 10199 7ff714b63a20 10195->10199 10197 7ff714b612f3 10198 7ff714b63750 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 10197->10198 10200 7ff714b63a3a 10199->10200 10201 7ff714b63a33 std::_Throw_Cpp_error 10199->10201 10203 7ff714b6f3ac 10200->10203 10201->10197 10206 7ff714b6efe8 10203->10206 10213 7ff714b6fb34 EnterCriticalSection 10206->10213 10215 7ff714b614c0 std::_Throw_Cpp_error 10214->10215 10222 7ff714b6161c 10214->10222 10239 7ff714b6d8f0 10215->10239 10216 7ff714b61060 2 API calls 10217 7ff714b61627 10216->10217 10217->10136 10220 7ff714b61060 2 API calls 10220->10222 10221 7ff714b61200 63 API calls 10223 7ff714b6151e 10221->10223 10222->10216 10224 7ff714b6154b 10223->10224 10225 7ff714b6155a 10223->10225 10237 7ff714b61611 10223->10237 10261 7ff714b61660 10224->10261 10284 7ff714b619d0 10225->10284 10227 7ff714b61558 10229 7ff714b61597 10227->10229 10307 7ff714b61840 10227->10307 10231 7ff714b6db4c 55 API calls 10229->10231 10232 7ff714b615be 10231->10232 10233 7ff714b61607 10232->10233 10234 7ff714b615c6 10232->10234 10235 7ff714b61060 2 API calls 10233->10235 10236 7ff714b63730 std::_Throw_Cpp_error 8 API calls 10234->10236 10235->10237 10238 7ff714b615f8 10236->10238 10237->10220 10238->10136 10240 7ff714b6d94a 10239->10240 10241 7ff714b6d96f 10240->10241 10243 7ff714b6d9ab 10240->10243 10242 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 10241->10242 10244 7ff714b6d999 10242->10244 10320 7ff714b6c994 10243->10320 10246 7ff714b6db0d 10244->10246 10247 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 10244->10247 10248 7ff714b6db23 10246->10248 10251 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 10246->10251 10247->10246 10252 7ff714b63730 std::_Throw_Cpp_error 8 API calls 10248->10252 10249 7ff714b6da8c 10250 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10249->10250 10250->10244 10251->10248 10254 7ff714b614e9 10252->10254 10254->10221 10254->10223 10254->10237 10255 7ff714b6da61 10259 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10255->10259 10256 7ff714b6dab2 10256->10249 10258 7ff714b6dabc 10256->10258 10257 7ff714b6da58 10257->10249 10257->10255 10260 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10258->10260 10259->10244 10260->10244 10331 7ff714b63520 EnterCriticalSection 10261->10331 10263 7ff714b616f3 10263->10227 10264 7ff714b616b0 FindResourceExW 10265 7ff714b61691 10264->10265 10265->10263 10265->10264 10267 7ff714b63520 4 API calls 10265->10267 10268 7ff714b61714 10265->10268 10338 7ff714b610a0 LoadResource 10265->10338 10267->10265 10268->10263 10269 7ff714b61719 FindResourceW 10268->10269 10269->10263 10270 7ff714b6173a LoadResource 10269->10270 10270->10263 10271 7ff714b6174f LockResource 10270->10271 10271->10263 10272 7ff714b61764 SizeofResource 10271->10272 10273 7ff714b6177a 10272->10273 10273->10263 10274 7ff714b617c3 10273->10274 10276 7ff714b61840 57 API calls 10273->10276 10342 7ff714b6b0a0 10274->10342 10276->10274 10277 7ff714b617d6 10278 7ff714b617ee 10277->10278 10282 7ff714b61060 2 API calls 10277->10282 10283 7ff714b61820 10277->10283 10278->10263 10279 7ff714b61060 2 API calls 10278->10279 10281 7ff714b61836 10279->10281 10280 7ff714b61060 2 API calls 10280->10278 10282->10283 10283->10280 10285 7ff714b61a64 10284->10285 10305 7ff714b619f6 memcpy_s 10284->10305 10288 7ff714b61aa1 10285->10288 10289 7ff714b61840 57 API calls 10285->10289 10285->10305 10286 7ff714b61060 2 API calls 10293 7ff714b61b5b std::_Throw_Cpp_error 10286->10293 10287 7ff714b61a16 10287->10227 10290 7ff714b61ab3 10288->10290 10291 7ff714b61af5 10288->10291 10289->10288 10294 7ff714b61ace 10290->10294 10295 7ff714b61ac1 10290->10295 10290->10305 10292 7ff714b61b02 10291->10292 10297 7ff714b61ae0 memcpy_s 10291->10297 10291->10305 10298 7ff714b6e154 _set_errno_from_matherr 11 API calls 10292->10298 10299 7ff714b6db4c 55 API calls 10293->10299 10296 7ff714b61ad3 10294->10296 10294->10297 10300 7ff714b6e154 _set_errno_from_matherr 11 API calls 10295->10300 10301 7ff714b6e154 _set_errno_from_matherr 11 API calls 10296->10301 10304 7ff714b6e154 _set_errno_from_matherr 11 API calls 10297->10304 10297->10305 10302 7ff714b61ac6 10298->10302 10303 7ff714b61ba4 10299->10303 10300->10302 10301->10302 10306 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 10302->10306 10303->10227 10304->10302 10305->10286 10305->10287 10306->10305 10308 7ff714b61857 10307->10308 10311 7ff714b61862 10307->10311 10310 7ff714b619b4 10308->10310 10317 7ff714b61936 memcpy_s 10308->10317 10312 7ff714b619c0 57 API calls 10310->10312 10315 7ff714b61894 10311->10315 10351 7ff714b619c0 10311->10351 10314 7ff714b619b9 10312->10314 10313 7ff714b61956 memcpy_s 10313->10229 10315->10229 10316 7ff714b6e154 _set_errno_from_matherr 11 API calls 10318 7ff714b6196c 10316->10318 10317->10313 10317->10316 10319 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 10318->10319 10319->10313 10321 7ff714b6c9d2 10320->10321 10322 7ff714b6c9c2 10320->10322 10323 7ff714b6c9d8 10321->10323 10328 7ff714b6ca08 10321->10328 10326 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 10322->10326 10324 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 10323->10324 10325 7ff714b6ca00 10324->10325 10325->10249 10325->10255 10325->10256 10325->10257 10326->10325 10327 7ff714b6c628 53 API calls 10327->10328 10328->10322 10328->10325 10328->10327 10329 7ff714b6cc58 55 API calls 10328->10329 10330 7ff714b6ce04 55 API calls 10328->10330 10329->10328 10330->10328 10332 7ff714b6354b 10331->10332 10333 7ff714b63558 LeaveCriticalSection 10331->10333 10332->10333 10334 7ff714b63554 10332->10334 10335 7ff714b63586 10332->10335 10333->10265 10334->10333 10336 7ff714b61060 2 API calls 10335->10336 10337 7ff714b63590 10336->10337 10337->10265 10339 7ff714b610ef 10338->10339 10340 7ff714b610c8 LockResource 10338->10340 10339->10265 10340->10339 10341 7ff714b610d9 SizeofResource 10340->10341 10341->10339 10345 7ff714b6b0b5 10342->10345 10347 7ff714b6b0b1 memcpy_s 10342->10347 10343 7ff714b6b0ba 10344 7ff714b6e154 _set_errno_from_matherr 11 API calls 10343->10344 10350 7ff714b6b0bf 10344->10350 10345->10343 10346 7ff714b6b0fe 10345->10346 10345->10347 10346->10347 10349 7ff714b6e154 _set_errno_from_matherr 11 API calls 10346->10349 10347->10277 10348 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 10348->10347 10349->10350 10350->10348 10352 7ff714b61060 2 API calls 10351->10352 10353 7ff714b619ce 10352->10353 10356 7ff714b61aa1 10353->10356 10357 7ff714b61840 57 API calls 10353->10357 10368 7ff714b619f6 memcpy_s 10353->10368 10354 7ff714b61060 2 API calls 10361 7ff714b61b5b std::_Throw_Cpp_error 10354->10361 10355 7ff714b61a16 10355->10308 10358 7ff714b61ab3 10356->10358 10359 7ff714b61af5 10356->10359 10357->10356 10362 7ff714b61ace 10358->10362 10363 7ff714b61ac1 10358->10363 10358->10368 10360 7ff714b61b02 10359->10360 10365 7ff714b61ae0 memcpy_s 10359->10365 10359->10368 10366 7ff714b6e154 _set_errno_from_matherr 11 API calls 10360->10366 10367 7ff714b6db4c 55 API calls 10361->10367 10364 7ff714b61ad3 10362->10364 10362->10365 10369 7ff714b6e154 _set_errno_from_matherr 11 API calls 10363->10369 10370 7ff714b6e154 _set_errno_from_matherr 11 API calls 10364->10370 10365->10368 10373 7ff714b6e154 _set_errno_from_matherr 11 API calls 10365->10373 10371 7ff714b61ac6 10366->10371 10372 7ff714b61ba4 10367->10372 10368->10354 10368->10355 10369->10371 10370->10371 10374 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 10371->10374 10372->10308 10373->10371 10374->10368 10386 7ff714b62d5b 10375->10386 10376 7ff714b62e17 10378 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10376->10378 10377 7ff714b62e9f 10401 7ff714b63430 10377->10401 10381 7ff714b62e2b 10378->10381 10380 7ff714b61060 2 API calls 10383 7ff714b62eaf 10380->10383 10387 7ff714b62eb0 10381->10387 10382 7ff714b62ea4 10382->10380 10385 7ff714b62e48 10385->10176 10386->10376 10386->10377 10386->10382 10386->10385 10388 7ff714b62ec6 10387->10388 10389 7ff714b62ed4 10388->10389 10390 7ff714b62f93 10388->10390 10391 7ff714b62f00 memcpy_s 10388->10391 10389->10385 10393 7ff714b619c0 57 API calls 10390->10393 10392 7ff714b62f4a memcpy_s 10391->10392 10394 7ff714b62f33 10391->10394 10398 7ff714b62f66 10391->10398 10392->10385 10395 7ff714b62f98 10393->10395 10396 7ff714b6e154 _set_errno_from_matherr 11 API calls 10394->10396 10397 7ff714b62f38 10396->10397 10399 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 10397->10399 10398->10392 10400 7ff714b6e154 _set_errno_from_matherr 11 API calls 10398->10400 10399->10392 10400->10397 10402 7ff714b654d8 std::_Xinvalid_argument 55 API calls 10401->10402 10403 7ff714b63440 10402->10403 10405 7ff714b656d8 EnterCriticalSection 10404->10405 10418 7ff714b62040 10419 7ff714b62054 10418->10419 10420 7ff714b621b6 SetTimer SetTimer 10418->10420 10421 7ff714b6205d 10419->10421 10422 7ff714b62199 SetEvent PostQuitMessage 10419->10422 10423 7ff714b6218b DestroyWindow 10421->10423 10424 7ff714b6206f 10421->10424 10425 7ff714b62076 DefWindowProcW 10424->10425 10426 7ff714b62082 10424->10426 10425->10426 10427 7ff714b6213a OpenEventW 10426->10427 10428 7ff714b62096 10426->10428 10429 7ff714b62179 10427->10429 10431 7ff714b62156 WaitForSingleObject CloseHandle 10427->10431 10428->10429 10430 7ff714b620a0 OpenEventW 10428->10430 10430->10429 10433 7ff714b620c0 WaitForSingleObject 10430->10433 10431->10429 10432 7ff714b62170 DestroyWindow 10431->10432 10432->10429 10434 7ff714b6211f CloseHandle 10433->10434 10435 7ff714b620cf OpenEventW 10433->10435 10436 7ff714b6210e SetThreadExecutionState 10435->10436 10437 7ff714b620f2 WaitForSingleObject CloseHandle 10435->10437 10436->10434 10437->10436 9078 7ff714b63bc8 9099 7ff714b63870 9078->9099 9081 7ff714b63d14 9184 7ff714b64184 IsProcessorFeaturePresent 9081->9184 9082 7ff714b63be4 9084 7ff714b63d1e 9082->9084 9086 7ff714b63c02 __scrt_release_startup_lock 9082->9086 9085 7ff714b64184 std::_Throw_Cpp_error 7 API calls 9084->9085 9088 7ff714b63d29 BuildCatchObjectHelperInternal 9085->9088 9087 7ff714b63c27 9086->9087 9089 7ff714b63cad 9086->9089 9173 7ff714b6e9c0 9086->9173 9105 7ff714b642cc 9089->9105 9091 7ff714b63cb2 9108 7ff714b621f0 CreateMutexW 9091->9108 9096 7ff714b63cd5 9096->9088 9180 7ff714b639f4 9096->9180 9100 7ff714b63878 9099->9100 9101 7ff714b63884 __scrt_dllmain_crt_thread_attach 9100->9101 9102 7ff714b6388d 9101->9102 9103 7ff714b63891 9101->9103 9102->9081 9102->9082 9103->9102 9191 7ff714b66690 9103->9191 9218 7ff714b7a200 9105->9218 9109 7ff714b626a8 9108->9109 9110 7ff714b62244 WaitForSingleObject 9108->9110 9284 7ff714b63730 9109->9284 9110->9109 9111 7ff714b62257 CreateEventW 9110->9111 9220 7ff714b6518c 9111->9220 9114 7ff714b622ac CreateEventW LoadLibraryW GetProcAddress 9116 7ff714b62307 memcpy_s 9114->9116 9221 7ff714b61b60 9116->9221 9119 7ff714b62612 MessageBoxW 9121 7ff714b6246d 9119->9121 9120 7ff714b62382 GetCurrentProcess NtQueryInformationProcess 9122 7ff714b623b0 9120->9122 9123 7ff714b6263b SetEvent 9121->9123 9124 7ff714b62681 FreeLibrary CloseHandle 9121->9124 9122->9122 9125 7ff714b623f3 GetCurrentProcess SetPriorityClass LoadCursorW RegisterClassExW 9122->9125 9269 7ff714b6e43c 9122->9269 9127 7ff714b6264f GetCurrentThreadId 9123->9127 9157 7ff714b62714 9123->9157 9126 7ff714b6269e std::_Throw_Cpp_error 9124->9126 9125->9121 9129 7ff714b62477 CreateWindowExW 9125->9129 9136 7ff714b626d9 9126->9136 9137 7ff714b626a4 9126->9137 9133 7ff714b6265d 9127->9133 9134 7ff714b6271f 9127->9134 9130 7ff714b624de 9129->9130 9131 7ff714b624bf MessageBoxW 9129->9131 9225 7ff714b63aa8 9130->9225 9131->9121 9132 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9132->9134 9138 7ff714b653b0 3 API calls 9133->9138 9139 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9134->9139 9293 7ff714b6e4a4 9136->9293 9137->9109 9142 7ff714b62672 9138->9142 9143 7ff714b6272a 9139->9143 9142->9124 9142->9143 9146 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9143->9146 9149 7ff714b62735 9146->9149 9148 7ff714b626df 9298 7ff714b64ed0 9148->9298 9151 7ff714b62532 GetMessageW 9155 7ff714b6255d 9151->9155 9156 7ff714b62598 9151->9156 9152 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9152->9157 9153 7ff714b626e9 9161 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9153->9161 9154 7ff714b6e4a4 __GSHandlerCheck_EH 53 API calls 9158 7ff714b62705 9154->9158 9164 7ff714b62565 TranslateMessage DispatchMessageW 9155->9164 9165 7ff714b6257f GetMessageW 9155->9165 9159 7ff714b6259d SetEvent 9156->9159 9160 7ff714b625e2 SendMessageW 9156->9160 9157->9132 9158->9152 9159->9148 9166 7ff714b625b0 GetCurrentThreadId 9159->9166 9162 7ff714b62607 ReleaseMutex 9160->9162 9163 7ff714b62601 CloseHandle 9160->9163 9167 7ff714b626f4 9161->9167 9162->9121 9163->9162 9164->9165 9165->9155 9165->9156 9166->9153 9168 7ff714b625be 9166->9168 9170 7ff714b64ed0 std::_Throw_Cpp_error 67 API calls 9167->9170 9278 7ff714b653b0 WaitForSingleObjectEx 9168->9278 9172 7ff714b626ff 9170->9172 9172->9154 9174 7ff714b6e9d7 9173->9174 9175 7ff714b6e9f8 9173->9175 9174->9089 9176 7ff714b6e4a4 __GSHandlerCheck_EH 53 API calls 9175->9176 9177 7ff714b6e9fd 9176->9177 9178 7ff714b64314 GetModuleHandleW 9179 7ff714b64325 9178->9179 9179->9096 9181 7ff714b63a05 9180->9181 9182 7ff714b63a15 9181->9182 9183 7ff714b66690 7 API calls 9181->9183 9182->9087 9183->9182 9185 7ff714b641aa memcpy_s _invalid_parameter_noinfo_noreturn 9184->9185 9186 7ff714b641c9 RtlCaptureContext RtlLookupFunctionEntry 9185->9186 9187 7ff714b6422e memcpy_s 9186->9187 9188 7ff714b641f2 RtlVirtualUnwind 9186->9188 9189 7ff714b64260 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 9187->9189 9188->9187 9190 7ff714b642ae _invalid_parameter_noinfo_noreturn 9189->9190 9190->9084 9192 7ff714b66698 9191->9192 9193 7ff714b666a2 9191->9193 9197 7ff714b66a30 9192->9197 9193->9102 9198 7ff714b6669d 9197->9198 9199 7ff714b66a3f 9197->9199 9201 7ff714b69bd8 9198->9201 9205 7ff714b69e44 9199->9205 9202 7ff714b69c03 9201->9202 9203 7ff714b69c07 9202->9203 9204 7ff714b69be6 DeleteCriticalSection 9202->9204 9203->9193 9204->9202 9209 7ff714b69cac 9205->9209 9210 7ff714b69d96 TlsFree 9209->9210 9216 7ff714b69cf0 __vcrt_FlsAlloc 9209->9216 9211 7ff714b69d1e LoadLibraryExW 9213 7ff714b69dbd 9211->9213 9214 7ff714b69d3f GetLastError 9211->9214 9212 7ff714b69ddd GetProcAddress 9212->9210 9213->9212 9215 7ff714b69dd4 FreeLibrary 9213->9215 9214->9216 9215->9212 9216->9210 9216->9211 9216->9212 9217 7ff714b69d61 LoadLibraryExW 9216->9217 9217->9213 9217->9216 9219 7ff714b642e3 GetStartupInfoW 9218->9219 9219->9091 9220->9114 9222 7ff714b61b85 std::_Throw_Cpp_error 9221->9222 9304 7ff714b6db4c 9222->9304 9227 7ff714b63ab3 9225->9227 9226 7ff714b624e8 9251 7ff714b6e35c 9226->9251 9227->9226 9228 7ff714b6f574 BuildCatchObjectHelperInternal 2 API calls 9227->9228 9229 7ff714b63ad2 9227->9229 9228->9227 9230 7ff714b63add 9229->9230 9881 7ff714b643f4 9229->9881 9885 7ff714b63410 9230->9885 9252 7ff714b6e38c 9251->9252 9253 7ff714b6e375 9251->9253 9894 7ff714b6e2f8 9252->9894 9254 7ff714b6e154 _set_errno_from_matherr 11 API calls 9253->9254 9256 7ff714b6e37a 9254->9256 9258 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9256->9258 9264 7ff714b6251b 9258->9264 9259 7ff714b6e3dc 9262 7ff714b6e3ec CloseHandle 9259->9262 9263 7ff714b6e3f2 9259->9263 9259->9264 9260 7ff714b6e39f CreateThread 9261 7ff714b6e3cf GetLastError 9260->9261 9260->9264 9901 7ff714b6e0c8 9261->9901 9262->9263 9266 7ff714b6e3fb FreeLibrary 9263->9266 9267 7ff714b6e401 9263->9267 9264->9151 9264->9158 9264->9172 9266->9267 9268 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9267->9268 9268->9264 9270 7ff714b6e449 9269->9270 9271 7ff714b6e453 9269->9271 9270->9271 9276 7ff714b6e46f 9270->9276 9272 7ff714b6e154 _set_errno_from_matherr 11 API calls 9271->9272 9273 7ff714b6e45b 9272->9273 9274 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9273->9274 9275 7ff714b6e467 9274->9275 9275->9125 9276->9275 9277 7ff714b6e154 _set_errno_from_matherr 11 API calls 9276->9277 9277->9273 9279 7ff714b653d4 9278->9279 9280 7ff714b625d3 9278->9280 9281 7ff714b653d9 GetExitCodeThread 9279->9281 9282 7ff714b653f1 CloseHandle 9279->9282 9280->9160 9280->9167 9281->9280 9283 7ff714b653eb 9281->9283 9282->9280 9283->9282 9285 7ff714b63739 9284->9285 9286 7ff714b626bc 9285->9286 9287 7ff714b63e74 IsProcessorFeaturePresent 9285->9287 9286->9178 9288 7ff714b63e8c 9287->9288 9906 7ff714b63f48 RtlCaptureContext 9288->9906 9294 7ff714b71360 BuildCatchObjectHelperInternal 53 API calls 9293->9294 9295 7ff714b6e4ad 9294->9295 9296 7ff714b6f8f8 BuildCatchObjectHelperInternal 53 API calls 9295->9296 9297 7ff714b6e4cd 9296->9297 9299 7ff714b64ee9 std::_Throw_Cpp_error 9298->9299 9911 7ff714b64c88 9299->9911 9302 7ff714b665c0 std::_Throw_Cpp_error 2 API calls 9303 7ff714b64f16 9302->9303 9305 7ff714b6db85 9304->9305 9310 7ff714b6dbc8 9305->9310 9314 7ff714b6b11c 9305->9314 9308 7ff714b6dc07 9309 7ff714b6dc2d 9308->9309 9335 7ff714b6c5c0 9308->9335 9312 7ff714b61ba4 9309->9312 9313 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 9309->9313 9310->9308 9325 7ff714b6df18 9310->9325 9312->9119 9312->9120 9313->9312 9315 7ff714b6b18b 9314->9315 9316 7ff714b6b15f 9314->9316 9315->9316 9318 7ff714b6b195 9315->9318 9317 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9316->9317 9323 7ff714b6b183 9317->9323 9344 7ff714b6c6b8 9318->9344 9320 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9321 7ff714b6b2a4 9320->9321 9321->9310 9323->9320 9735 7ff714b6dc60 9325->9735 9330 7ff714b6df53 9330->9308 9331 7ff714b6e038 _invalid_parameter_noinfo_noreturn 17 API calls 9332 7ff714b6dfe6 9331->9332 9744 7ff714b6de7c 9332->9744 9336 7ff714b6c618 9335->9336 9337 7ff714b6c5cf GetLastError 9335->9337 9336->9309 9338 7ff714b6c5e4 9337->9338 9339 7ff714b715a0 _invalid_parameter_noinfo 16 API calls 9338->9339 9340 7ff714b6c5fe SetLastError 9339->9340 9340->9336 9341 7ff714b6c621 9340->9341 9795 7ff714b6f8f8 9341->9795 9345 7ff714b6c6f6 9344->9345 9346 7ff714b6c6e6 9344->9346 9347 7ff714b6c6fc 9345->9347 9352 7ff714b6c72c 9345->9352 9348 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9346->9348 9349 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9347->9349 9350 7ff714b6b233 9348->9350 9349->9350 9355 7ff714b6fccc 9350->9355 9352->9346 9352->9350 9361 7ff714b6ce04 9352->9361 9392 7ff714b6cc58 9352->9392 9427 7ff714b6c628 9352->9427 9356 7ff714b6fd00 9355->9356 9357 7ff714b6fcd1 HeapFree 9355->9357 9356->9323 9357->9356 9358 7ff714b6fcec GetLastError 9357->9358 9359 7ff714b6fcf9 Concurrency::details::SchedulerProxy::DeleteThis 9358->9359 9360 7ff714b6e154 _set_errno_from_matherr 9 API calls 9359->9360 9360->9356 9362 7ff714b6ceba 9361->9362 9363 7ff714b6ce48 9361->9363 9365 7ff714b6cf38 9362->9365 9366 7ff714b6cec0 9362->9366 9364 7ff714b6cf2b 9363->9364 9376 7ff714b6ce4e 9363->9376 9458 7ff714b6bdac 9364->9458 9465 7ff714b6d2dc 9365->9465 9366->9364 9369 7ff714b6cecc 9366->9369 9370 7ff714b6cf24 9366->9370 9368 7ff714b6ce8d 9390 7ff714b6cf43 9368->9390 9430 7ff714b6d53c 9368->9430 9373 7ff714b6cf04 9369->9373 9374 7ff714b6ced2 9369->9374 9454 7ff714b6d600 9370->9454 9447 7ff714b6bbc0 9373->9447 9379 7ff714b6ceed 9374->9379 9381 7ff714b6cede 9374->9381 9385 7ff714b6cead 9374->9385 9376->9365 9376->9368 9376->9379 9380 7ff714b6ce78 9376->9380 9376->9390 9377 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9383 7ff714b6d242 9377->9383 9443 7ff714b6d6b4 9379->9443 9384 7ff714b6ce7d 9380->9384 9380->9385 9381->9364 9381->9385 9383->9352 9384->9365 9384->9368 9387 7ff714b6ce9e 9384->9387 9385->9390 9436 7ff714b6bf98 9385->9436 9387->9390 9391 7ff714b6d129 9387->9391 9475 7ff714b6d7d0 9387->9475 9390->9377 9391->9390 9482 7ff714b70e30 9391->9482 9393 7ff714b6cc7c 9392->9393 9394 7ff714b6cc66 9392->9394 9395 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9393->9395 9404 7ff714b6ccbc 9393->9404 9396 7ff714b6ceba 9394->9396 9397 7ff714b6ce48 9394->9397 9394->9404 9395->9404 9398 7ff714b6cf38 9396->9398 9400 7ff714b6cec0 9396->9400 9401 7ff714b6cf2b 9397->9401 9402 7ff714b6ce4e 9397->9402 9399 7ff714b6d2dc 54 API calls 9398->9399 9423 7ff714b6ce9e 9399->9423 9400->9401 9405 7ff714b6cecc 9400->9405 9406 7ff714b6cf24 9400->9406 9407 7ff714b6bdac 54 API calls 9401->9407 9402->9398 9403 7ff714b6ce8d 9402->9403 9414 7ff714b6ceed 9402->9414 9415 7ff714b6ce78 9402->9415 9426 7ff714b6cf43 9402->9426 9411 7ff714b6d53c 54 API calls 9403->9411 9403->9426 9404->9352 9409 7ff714b6cf04 9405->9409 9410 7ff714b6ced2 9405->9410 9408 7ff714b6d600 53 API calls 9406->9408 9407->9423 9408->9423 9413 7ff714b6bbc0 54 API calls 9409->9413 9410->9414 9416 7ff714b6cede 9410->9416 9420 7ff714b6cead 9410->9420 9411->9423 9412 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9418 7ff714b6d242 9412->9418 9413->9423 9417 7ff714b6d6b4 53 API calls 9414->9417 9419 7ff714b6ce7d 9415->9419 9415->9420 9416->9401 9416->9420 9417->9423 9418->9352 9419->9398 9419->9403 9419->9423 9421 7ff714b6bf98 54 API calls 9420->9421 9420->9426 9421->9423 9422 7ff714b6d7d0 53 API calls 9425 7ff714b6d129 9422->9425 9423->9422 9423->9425 9423->9426 9424 7ff714b70e30 54 API calls 9424->9425 9425->9424 9425->9426 9426->9412 9718 7ff714b6b468 9427->9718 9432 7ff714b6d56f 9430->9432 9431 7ff714b6d58d 9434 7ff714b70e30 54 API calls 9431->9434 9432->9431 9433 7ff714b6d7d0 53 API calls 9432->9433 9435 7ff714b6d5b4 9432->9435 9433->9431 9434->9435 9435->9387 9437 7ff714b6bfbe 9436->9437 9438 7ff714b6bfe8 9437->9438 9440 7ff714b6c09f 9437->9440 9442 7ff714b6c024 9438->9442 9494 7ff714b6b37c 9438->9494 9441 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9440->9441 9441->9442 9442->9387 9444 7ff714b6d6f5 9443->9444 9446 7ff714b6d6f9 9444->9446 9515 7ff714b6d74c 9444->9515 9446->9387 9448 7ff714b6bbe6 9447->9448 9449 7ff714b6bc10 9448->9449 9451 7ff714b6bcc7 9448->9451 9450 7ff714b6b37c 12 API calls 9449->9450 9453 7ff714b6bc4c 9449->9453 9450->9453 9452 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9451->9452 9452->9453 9453->9387 9457 7ff714b6d61f 9454->9457 9455 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9456 7ff714b6d650 9455->9456 9456->9387 9457->9455 9457->9456 9459 7ff714b6bdd2 9458->9459 9460 7ff714b6bdfc 9459->9460 9462 7ff714b6beb3 9459->9462 9461 7ff714b6b37c 12 API calls 9460->9461 9464 7ff714b6be38 9460->9464 9461->9464 9463 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9462->9463 9463->9464 9464->9387 9466 7ff714b6d302 9465->9466 9519 7ff714b6b2d4 9466->9519 9471 7ff714b6d7d0 53 API calls 9474 7ff714b6d440 9471->9474 9472 7ff714b6d4ce 9472->9387 9472->9472 9473 7ff714b6d7d0 53 API calls 9473->9472 9474->9472 9474->9473 9474->9474 9476 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 9475->9476 9477 7ff714b6d7e7 9476->9477 9662 7ff714b6ff74 9477->9662 9483 7ff714b70e61 9482->9483 9489 7ff714b70e6f 9482->9489 9484 7ff714b70e8f 9483->9484 9485 7ff714b6d7d0 53 API calls 9483->9485 9483->9489 9486 7ff714b70ec7 9484->9486 9487 7ff714b70ea0 9484->9487 9485->9484 9486->9489 9490 7ff714b70ef1 9486->9490 9491 7ff714b70f52 9486->9491 9708 7ff714b760e8 9487->9708 9489->9391 9490->9489 9711 7ff714b73128 9490->9711 9492 7ff714b73128 MultiByteToWideChar 9491->9492 9492->9489 9495 7ff714b6b3b3 9494->9495 9501 7ff714b6b3a2 9494->9501 9495->9501 9502 7ff714b6fd08 9495->9502 9498 7ff714b6b3f8 9500 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9498->9500 9499 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9499->9498 9500->9501 9501->9442 9503 7ff714b6fd53 9502->9503 9508 7ff714b6fd17 BuildCatchObjectHelperInternal 9502->9508 9512 7ff714b6e154 9503->9512 9504 7ff714b6fd3a HeapAlloc 9506 7ff714b6b3e4 9504->9506 9504->9508 9506->9498 9506->9499 9508->9503 9508->9504 9509 7ff714b6f574 9508->9509 9510 7ff714b6f5b0 BuildCatchObjectHelperInternal EnterCriticalSection LeaveCriticalSection 9509->9510 9511 7ff714b6f582 9510->9511 9511->9508 9513 7ff714b714d8 _set_errno_from_matherr 11 API calls 9512->9513 9514 7ff714b6e15d 9513->9514 9514->9506 9516 7ff714b6d76a 9515->9516 9517 7ff714b6d772 9515->9517 9518 7ff714b6d7d0 53 API calls 9516->9518 9517->9446 9518->9517 9520 7ff714b6b2fa 9519->9520 9521 7ff714b6b30b 9519->9521 9527 7ff714b70b48 9520->9527 9521->9520 9522 7ff714b6fd08 std::_Throw_Cpp_error 12 API calls 9521->9522 9523 7ff714b6b338 9522->9523 9524 7ff714b6b34c 9523->9524 9525 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9523->9525 9526 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9524->9526 9525->9524 9526->9520 9528 7ff714b70b98 9527->9528 9529 7ff714b70b65 9527->9529 9528->9529 9531 7ff714b70bca 9528->9531 9530 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9529->9530 9540 7ff714b6d41e 9530->9540 9537 7ff714b70cdd 9531->9537 9541 7ff714b70c12 9531->9541 9532 7ff714b70dcf 9582 7ff714b70018 9532->9582 9534 7ff714b70d95 9575 7ff714b703cc 9534->9575 9536 7ff714b70d64 9568 7ff714b706ac 9536->9568 9537->9532 9537->9534 9537->9536 9539 7ff714b70d27 9537->9539 9543 7ff714b70d1d 9537->9543 9558 7ff714b708dc 9539->9558 9540->9471 9540->9474 9541->9540 9549 7ff714b6fba4 9541->9549 9543->9534 9544 7ff714b70d22 9543->9544 9544->9536 9544->9539 9550 7ff714b6fbbb 9549->9550 9551 7ff714b6fbb1 9549->9551 9552 7ff714b6e154 _set_errno_from_matherr 11 API calls 9550->9552 9551->9550 9556 7ff714b6fbd6 9551->9556 9553 7ff714b6fbc2 9552->9553 9595 7ff714b6dfe8 9553->9595 9555 7ff714b6fbce 9555->9540 9591 7ff714b6e038 IsProcessorFeaturePresent 9555->9591 9556->9555 9557 7ff714b6e154 _set_errno_from_matherr 11 API calls 9556->9557 9557->9553 9598 7ff714b74e0c 9558->9598 9562 7ff714b70984 9563 7ff714b709d9 9562->9563 9565 7ff714b709a4 9562->9565 9567 7ff714b70988 9562->9567 9643 7ff714b704c8 9563->9643 9639 7ff714b70784 9565->9639 9567->9540 9569 7ff714b74e0c 53 API calls 9568->9569 9570 7ff714b706f6 9569->9570 9571 7ff714b747f0 53 API calls 9570->9571 9572 7ff714b70746 9571->9572 9573 7ff714b7074a 9572->9573 9574 7ff714b70784 53 API calls 9572->9574 9573->9540 9574->9573 9576 7ff714b74e0c 53 API calls 9575->9576 9577 7ff714b70417 9576->9577 9578 7ff714b747f0 53 API calls 9577->9578 9579 7ff714b7046f 9578->9579 9580 7ff714b70473 9579->9580 9581 7ff714b704c8 53 API calls 9579->9581 9580->9540 9581->9580 9583 7ff714b7005d 9582->9583 9584 7ff714b70090 9582->9584 9585 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9583->9585 9586 7ff714b700ab 9584->9586 9589 7ff714b7012f 9584->9589 9588 7ff714b70089 memcpy_s 9585->9588 9587 7ff714b703cc 53 API calls 9586->9587 9587->9588 9588->9540 9589->9588 9590 7ff714b6d7d0 53 API calls 9589->9590 9590->9588 9592 7ff714b6e04b 9591->9592 9654 7ff714b6dd18 9592->9654 9596 7ff714b6de7c _invalid_parameter_noinfo 53 API calls 9595->9596 9597 7ff714b6e001 9596->9597 9597->9555 9599 7ff714b74e60 fegetenv 9598->9599 9600 7ff714b77bec 53 API calls 9599->9600 9602 7ff714b74eb4 9600->9602 9601 7ff714b74ee3 9603 7ff714b6fba4 std::_Xinvalid_argument 53 API calls 9601->9603 9604 7ff714b74ed0 9602->9604 9605 7ff714b74f80 9602->9605 9618 7ff714b74fa3 memcpy_s 9602->9618 9606 7ff714b74f61 9603->9606 9604->9601 9604->9618 9608 7ff714b6fba4 std::_Xinvalid_argument 53 API calls 9605->9608 9607 7ff714b76036 9606->9607 9620 7ff714b74f69 9606->9620 9609 7ff714b6e038 _invalid_parameter_noinfo_noreturn 17 API calls 9607->9609 9608->9606 9610 7ff714b7604b 9609->9610 9611 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9612 7ff714b70929 9611->9612 9635 7ff714b747f0 9612->9635 9613 7ff714b753b7 memcpy_s 9614 7ff714b756f8 9615 7ff714b74980 53 API calls 9614->9615 9623 7ff714b75e0b 9615->9623 9616 7ff714b756a3 9616->9614 9619 7ff714b7604c memcpy_s 53 API calls 9616->9619 9617 7ff714b7504f memcpy_s 9629 7ff714b754ab memcpy_s 9617->9629 9631 7ff714b75991 memcpy_s 9617->9631 9618->9613 9618->9617 9621 7ff714b6e154 _set_errno_from_matherr 11 API calls 9618->9621 9619->9614 9620->9611 9622 7ff714b75488 9621->9622 9624 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9622->9624 9625 7ff714b7604c memcpy_s 53 API calls 9623->9625 9627 7ff714b75e66 9623->9627 9624->9617 9625->9627 9626 7ff714b6e154 11 API calls _set_errno_from_matherr 9626->9629 9627->9620 9630 7ff714b74980 53 API calls 9627->9630 9634 7ff714b7604c memcpy_s 53 API calls 9627->9634 9628 7ff714b6e154 11 API calls _set_errno_from_matherr 9628->9631 9629->9616 9629->9626 9633 7ff714b6dfe8 53 API calls _invalid_parameter_noinfo 9629->9633 9630->9627 9631->9614 9631->9616 9631->9628 9632 7ff714b6dfe8 53 API calls _invalid_parameter_noinfo 9631->9632 9632->9631 9633->9629 9634->9627 9636 7ff714b74818 9635->9636 9637 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9636->9637 9638 7ff714b74846 memcpy_s 9636->9638 9637->9638 9638->9562 9640 7ff714b707b0 memcpy_s 9639->9640 9641 7ff714b6d7d0 53 API calls 9640->9641 9642 7ff714b7086a memcpy_s 9640->9642 9641->9642 9642->9567 9644 7ff714b70503 9643->9644 9648 7ff714b70550 memcpy_s 9643->9648 9645 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9644->9645 9646 7ff714b7052f 9645->9646 9646->9567 9647 7ff714b705bb 9649 7ff714b6fba4 std::_Xinvalid_argument 53 API calls 9647->9649 9648->9647 9650 7ff714b6d7d0 53 API calls 9648->9650 9653 7ff714b705fd memcpy_s 9649->9653 9650->9647 9651 7ff714b6e038 _invalid_parameter_noinfo_noreturn 17 API calls 9652 7ff714b706a8 9651->9652 9653->9651 9655 7ff714b6dd52 memcpy_s _invalid_parameter_noinfo_noreturn 9654->9655 9656 7ff714b6dd7a RtlCaptureContext RtlLookupFunctionEntry 9655->9656 9657 7ff714b6ddea IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 9656->9657 9658 7ff714b6ddb4 RtlVirtualUnwind 9656->9658 9660 7ff714b6de3c _invalid_parameter_noinfo_noreturn 9657->9660 9658->9657 9659 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9661 7ff714b6de5b GetCurrentProcess TerminateProcess 9659->9661 9660->9659 9663 7ff714b6ff8d 9662->9663 9664 7ff714b6d80f 9662->9664 9663->9664 9670 7ff714b74624 9663->9670 9666 7ff714b6ffe0 9664->9666 9667 7ff714b6fff9 9666->9667 9668 7ff714b6d81f 9666->9668 9667->9668 9705 7ff714b72e24 9667->9705 9668->9391 9682 7ff714b71360 GetLastError 9670->9682 9673 7ff714b7467e 9673->9664 9683 7ff714b71384 FlsGetValue 9682->9683 9684 7ff714b713a1 FlsSetValue 9682->9684 9685 7ff714b7139b 9683->9685 9701 7ff714b71391 9683->9701 9686 7ff714b713b3 9684->9686 9684->9701 9685->9684 9688 7ff714b71934 BuildCatchObjectHelperInternal 11 API calls 9686->9688 9687 7ff714b7140d SetLastError 9689 7ff714b7142d 9687->9689 9690 7ff714b7141a 9687->9690 9691 7ff714b713c2 9688->9691 9692 7ff714b6f8f8 BuildCatchObjectHelperInternal 46 API calls 9689->9692 9690->9673 9704 7ff714b6fb34 EnterCriticalSection 9690->9704 9693 7ff714b713e0 FlsSetValue 9691->9693 9694 7ff714b713d0 FlsSetValue 9691->9694 9697 7ff714b71432 9692->9697 9695 7ff714b713fe 9693->9695 9696 7ff714b713ec FlsSetValue 9693->9696 9698 7ff714b713d9 9694->9698 9700 7ff714b71110 _set_errno_from_matherr 11 API calls 9695->9700 9696->9698 9699 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9698->9699 9699->9701 9702 7ff714b71406 9700->9702 9701->9687 9703 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9702->9703 9703->9687 9706 7ff714b71360 BuildCatchObjectHelperInternal 53 API calls 9705->9706 9707 7ff714b72e2d 9706->9707 9714 7ff714b78690 9708->9714 9712 7ff714b73130 MultiByteToWideChar 9711->9712 9717 7ff714b786f4 9714->9717 9715 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9716 7ff714b76105 9715->9716 9716->9489 9717->9715 9719 7ff714b6b49d 9718->9719 9720 7ff714b6b4af 9718->9720 9721 7ff714b6e154 _set_errno_from_matherr 11 API calls 9719->9721 9723 7ff714b6b4bd 9720->9723 9727 7ff714b6b4f9 9720->9727 9722 7ff714b6b4a2 9721->9722 9724 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9722->9724 9725 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9723->9725 9730 7ff714b6b4ad 9724->9730 9725->9730 9726 7ff714b6b859 9728 7ff714b6e154 _set_errno_from_matherr 11 API calls 9726->9728 9726->9730 9727->9726 9729 7ff714b6e154 _set_errno_from_matherr 11 API calls 9727->9729 9731 7ff714b6baf9 9728->9731 9732 7ff714b6b84e 9729->9732 9730->9352 9733 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9731->9733 9734 7ff714b6dfe8 _invalid_parameter_noinfo 53 API calls 9732->9734 9733->9730 9734->9726 9736 7ff714b6dc7c GetLastError 9735->9736 9737 7ff714b6dcb7 9735->9737 9738 7ff714b6dc8c 9736->9738 9737->9330 9741 7ff714b6dccc 9737->9741 9752 7ff714b715a0 9738->9752 9742 7ff714b6dce8 GetLastError SetLastError 9741->9742 9743 7ff714b6dd00 9741->9743 9742->9743 9743->9330 9743->9331 9745 7ff714b6dea7 9744->9745 9746 7ff714b6df18 _invalid_parameter_noinfo 53 API calls 9745->9746 9747 7ff714b6dece 9746->9747 9748 7ff714b6def1 9747->9748 9749 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 9747->9749 9750 7ff714b6df06 9748->9750 9751 7ff714b6c5c0 _invalid_parameter_noinfo 53 API calls 9748->9751 9749->9748 9750->9308 9751->9750 9753 7ff714b715da FlsSetValue 9752->9753 9754 7ff714b715bf FlsGetValue 9752->9754 9755 7ff714b6dca7 SetLastError 9753->9755 9757 7ff714b715e7 9753->9757 9754->9755 9756 7ff714b715d4 9754->9756 9755->9737 9756->9753 9769 7ff714b71934 9757->9769 9760 7ff714b71614 FlsSetValue 9762 7ff714b71632 9760->9762 9763 7ff714b71620 FlsSetValue 9760->9763 9761 7ff714b71604 FlsSetValue 9764 7ff714b7160d 9761->9764 9776 7ff714b71110 9762->9776 9763->9764 9766 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9764->9766 9766->9755 9774 7ff714b71945 BuildCatchObjectHelperInternal 9769->9774 9770 7ff714b71996 9773 7ff714b6e154 _set_errno_from_matherr 10 API calls 9770->9773 9771 7ff714b7197a RtlAllocateHeap 9772 7ff714b715f6 9771->9772 9771->9774 9772->9760 9772->9761 9773->9772 9774->9770 9774->9771 9775 7ff714b6f574 BuildCatchObjectHelperInternal 2 API calls 9774->9775 9775->9774 9781 7ff714b70fe8 9776->9781 9793 7ff714b6fb34 EnterCriticalSection 9781->9793 9814 7ff714b7341c 9795->9814 9845 7ff714b733d4 9814->9845 9850 7ff714b6fb34 EnterCriticalSection 9845->9850 9882 7ff714b64402 std::bad_alloc::bad_alloc 9881->9882 9889 7ff714b665c0 9882->9889 9884 7ff714b64413 9886 7ff714b6341e Concurrency::cancel_current_task 9885->9886 9887 7ff714b665c0 std::_Throw_Cpp_error 2 API calls 9886->9887 9888 7ff714b6342f 9887->9888 9890 7ff714b665df 9889->9890 9891 7ff714b66608 RtlPcToFileHeader 9890->9891 9892 7ff714b6662a RaiseException 9890->9892 9893 7ff714b66620 9891->9893 9892->9884 9893->9892 9895 7ff714b71934 BuildCatchObjectHelperInternal 11 API calls 9894->9895 9896 7ff714b6e31a 9895->9896 9897 7ff714b6fccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9896->9897 9898 7ff714b6e324 9897->9898 9899 7ff714b6e32d GetModuleHandleExW 9898->9899 9900 7ff714b6e329 9898->9900 9899->9900 9900->9259 9900->9260 9902 7ff714b714d8 _set_errno_from_matherr 11 API calls 9901->9902 9903 7ff714b6e0d5 Concurrency::details::SchedulerProxy::DeleteThis 9902->9903 9904 7ff714b714d8 _set_errno_from_matherr 11 API calls 9903->9904 9905 7ff714b6e0f7 9904->9905 9905->9259 9907 7ff714b63f62 RtlLookupFunctionEntry 9906->9907 9908 7ff714b63f78 RtlVirtualUnwind 9907->9908 9909 7ff714b63e9f 9907->9909 9908->9907 9908->9909 9910 7ff714b63e40 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 9909->9910 9912 7ff714b64cc4 9911->9912 9912->9912 9923 7ff714b6461c 9912->9923 9914 7ff714b64cda 9933 7ff714b64ac8 9914->9933 9916 7ff714b64cfb std::_Throw_Cpp_error 9919 7ff714b64da2 9916->9919 9920 7ff714b64d74 9916->9920 9917 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9918 7ff714b64d92 9917->9918 9918->9302 9945 7ff714b6e008 9919->9945 9920->9917 9924 7ff714b64742 9923->9924 9925 7ff714b64651 9923->9925 9959 7ff714b64fe4 9924->9959 9926 7ff714b6465f std::_Throw_Cpp_error memcpy_s 9925->9926 9928 7ff714b6467d 9925->9928 9930 7ff714b646af 9925->9930 9926->9914 9950 7ff714b63250 9928->9950 9930->9926 9932 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 9930->9932 9932->9926 9934 7ff714b64b0d 9933->9934 9974 7ff714b64748 9934->9974 9936 7ff714b64b1c 9984 7ff714b64e18 9936->9984 9939 7ff714b66504 std::_Xinvalid_argument 53 API calls 9940 7ff714b64b64 9939->9940 9996 7ff714b64f18 9940->9996 9942 7ff714b64b77 9943 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9942->9943 9944 7ff714b64b98 9943->9944 9944->9916 9946 7ff714b6de7c _invalid_parameter_noinfo 53 API calls 9945->9946 9947 7ff714b6e021 9946->9947 9948 7ff714b6e038 _invalid_parameter_noinfo_noreturn 17 API calls 9947->9948 9949 7ff714b6e036 9948->9949 9951 7ff714b6325d 9950->9951 9952 7ff714b63283 9950->9952 9953 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 9951->9953 9954 7ff714b63410 Concurrency::cancel_current_task 2 API calls 9952->9954 9955 7ff714b63265 9953->9955 9956 7ff714b63289 9954->9956 9957 7ff714b6326d 9955->9957 9958 7ff714b6e008 _invalid_parameter_noinfo_noreturn 53 API calls 9955->9958 9957->9926 9958->9952 9962 7ff714b654d8 9959->9962 9967 7ff714b65454 9962->9967 9965 7ff714b665c0 std::_Throw_Cpp_error 2 API calls 9966 7ff714b654fa 9965->9966 9970 7ff714b66504 9967->9970 9969 7ff714b65488 9969->9965 9971 7ff714b66525 9970->9971 9972 7ff714b6655a __std_exception_destroy 9970->9972 9971->9972 9973 7ff714b6fba4 std::_Xinvalid_argument 53 API calls 9971->9973 9972->9969 9973->9972 9975 7ff714b64778 9974->9975 9976 7ff714b6485a 9974->9976 9978 7ff714b64786 std::_Throw_Cpp_error memcpy_s 9975->9978 9979 7ff714b647a3 9975->9979 9981 7ff714b647d2 9975->9981 9977 7ff714b64fe4 std::_Throw_Cpp_error 55 API calls 9976->9977 9980 7ff714b6485f 9977->9980 9978->9936 9982 7ff714b63250 std::_Throw_Cpp_error 67 API calls 9979->9982 9981->9978 9983 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 9981->9983 9982->9978 9983->9978 9985 7ff714b64e49 9984->9985 9987 7ff714b64e5e 9984->9987 10001 7ff714b64ff8 9985->10001 9988 7ff714b64ff8 std::_Throw_Cpp_error 67 API calls 9987->9988 9989 7ff714b64e96 9988->9989 9990 7ff714b64f18 std::_Throw_Cpp_error 53 API calls 9989->9990 9991 7ff714b64ea1 std::_Throw_Cpp_error 9990->9991 9992 7ff714b64f18 std::_Throw_Cpp_error 53 API calls 9991->9992 9993 7ff714b64eb5 9992->9993 9994 7ff714b63730 std::_Throw_Cpp_error 8 API calls 9993->9994 9995 7ff714b64b35 9994->9995 9995->9939 9997 7ff714b64fb0 9996->9997 9998 7ff714b64f40 std::_Throw_Cpp_error 9996->9998 9997->9942 9998->9997 9999 7ff714b6e008 _invalid_parameter_noinfo_noreturn 53 API calls 9998->9999 10000 7ff714b64fe2 9999->10000 10002 7ff714b650a1 10001->10002 10004 7ff714b65026 std::_Throw_Cpp_error memcpy_s 10001->10004 10005 7ff714b64860 10002->10005 10004->9987 10006 7ff714b648a4 10005->10006 10016 7ff714b64a4e 10005->10016 10008 7ff714b648b8 10006->10008 10011 7ff714b648fa 10006->10011 10007 7ff714b64fe4 std::_Throw_Cpp_error 55 API calls 10009 7ff714b64a54 10007->10009 10010 7ff714b63250 std::_Throw_Cpp_error 67 API calls 10008->10010 10013 7ff714b648f5 std::_Throw_Cpp_error memcpy_s 10010->10013 10012 7ff714b63aa8 std::_Throw_Cpp_error 67 API calls 10011->10012 10011->10013 10012->10013 10014 7ff714b649b3 std::_Throw_Cpp_error memcpy_s 10013->10014 10015 7ff714b6e008 _invalid_parameter_noinfo_noreturn 53 API calls 10013->10015 10014->10004 10015->10016 10016->10007

                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                          Function 00007FF714B621F0 Relevance: 82.6, APIs: 35, Strings: 12, Instructions: 324windowsynchronizationlibraryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 0 7ff714b621f0-7ff714b6223e CreateMutexW 1 7ff714b626a8 0->1 2 7ff714b62244-7ff714b62251 WaitForSingleObject 0->2 3 7ff714b626ad-7ff714b626d8 call 7ff714b63730 1->3 2->1 4 7ff714b62257-7ff714b6236f CreateEventW call 7ff714b6518c CreateEventW LoadLibraryW GetProcAddress call 7ff714b7a200 call 7ff714b61b60 2->4 13 7ff714b62370-7ff714b62377 4->13 13->13 14 7ff714b62379-7ff714b6237c 13->14 15 7ff714b62612-7ff714b6262e MessageBoxW 14->15 16 7ff714b62382-7ff714b623a9 GetCurrentProcess NtQueryInformationProcess 14->16 17 7ff714b62633 15->17 18 7ff714b623b0-7ff714b623b7 16->18 19 7ff714b62635-7ff714b62639 17->19 18->18 20 7ff714b623b9-7ff714b623cb 18->20 21 7ff714b6263b-7ff714b62649 SetEvent 19->21 22 7ff714b62681-7ff714b626a2 FreeLibrary CloseHandle call 7ff714b63d50 19->22 23 7ff714b623cd-7ff714b623ee call 7ff714b6e43c 20->23 24 7ff714b623f3-7ff714b6246b GetCurrentProcess SetPriorityClass LoadCursorW RegisterClassExW 20->24 26 7ff714b62715-7ff714b6271f call 7ff714b64ed0 21->26 27 7ff714b6264f-7ff714b62657 GetCurrentThreadId 21->27 38 7ff714b626d9-7ff714b626de call 7ff714b6e4a4 22->38 39 7ff714b626a4-7ff714b626a6 22->39 23->24 29 7ff714b6246d-7ff714b62472 24->29 30 7ff714b62477-7ff714b624bd CreateWindowExW 24->30 36 7ff714b62720-7ff714b6272a call 7ff714b64ed0 26->36 35 7ff714b6265d-7ff714b62674 call 7ff714b653b0 27->35 27->36 29->17 31 7ff714b624de-7ff714b62516 call 7ff714b63aa8 call 7ff714b6e35c 30->31 32 7ff714b624bf-7ff714b624d9 MessageBoxW 30->32 52 7ff714b6251b-7ff714b62523 31->52 32->17 49 7ff714b6272b-7ff714b62735 call 7ff714b64ed0 35->49 50 7ff714b6267a-7ff714b6267d 35->50 36->49 53 7ff714b626df-7ff714b626e9 call 7ff714b64ed0 38->53 39->3 50->22 55 7ff714b62529-7ff714b6252c 52->55 56 7ff714b62706-7ff714b62714 call 7ff714b64ed0 52->56 66 7ff714b626ea-7ff714b626f4 call 7ff714b64ed0 53->66 58 7ff714b62700-7ff714b62705 call 7ff714b6e4a4 55->58 59 7ff714b62532-7ff714b6255b GetMessageW 55->59 56->26 58->56 63 7ff714b6255d 59->63 64 7ff714b62598-7ff714b6259b 59->64 68 7ff714b62560-7ff714b62563 63->68 69 7ff714b6259d-7ff714b625aa SetEvent 64->69 70 7ff714b625e2-7ff714b625ff SendMessageW 64->70 78 7ff714b626f5-7ff714b626ff call 7ff714b64ed0 66->78 74 7ff714b62565-7ff714b62579 TranslateMessage DispatchMessageW 68->74 75 7ff714b6257f-7ff714b62596 GetMessageW 68->75 69->53 76 7ff714b625b0-7ff714b625b8 GetCurrentThreadId 69->76 72 7ff714b62607-7ff714b62610 ReleaseMutex 70->72 73 7ff714b62601 CloseHandle 70->73 72->19 73->72 74->75 75->64 75->68 76->66 79 7ff714b625be-7ff714b625d5 call 7ff714b653b0 76->79 78->58 79->78 84 7ff714b625db-7ff714b625de 79->84 84->70
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000005.00000002.2874349844.00007FF714B61000.00000020.00000001.01000000.0000000E.sdmp, Offset: 00007FF714B60000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874301218.00007FF714B60000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874427195.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874483360.00007FF714B89000.00000004.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874545018.00007FF714B8C000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_5_2_7ff714b60000_bitsumsessionagent.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Cpp_errorThrow_std::_$Message$CreateCurrentEvent$Process$ClassCloseHandleLibraryLoadMutexThread$AddressCursorDispatchFreeInformationObjectPriorityProcQueryRegisterReleaseSendSingleTranslateWaitWindow
                                                                                                                                                                                                                                          • String ID: %s %s=%x %s=%x %s=%x$Bitsum Session Agent$BitsumSessionAgent$Call to CreateWindow failed!$Commandline is of insufficient size!$Local\{878ec006-8bb7-4487-a9d9-6ab726fdad61}$NtQueryInformationProcess$P$fpid$ipc0$litm$ntdll.dll
                                                                                                                                                                                                                                          • API String ID: 128566541-281584719
                                                                                                                                                                                                                                          • Opcode ID: 8236548b2b6498a49b944c22faf7232eea625dbc4ebdb2164ab96ad995b5fa79
                                                                                                                                                                                                                                          • Instruction ID: 5f966455db7ee3e774522f35a3b1f93eed97e52f55fa11578c4fb9ed952689cd
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8236548b2b6498a49b944c22faf7232eea625dbc4ebdb2164ab96ad995b5fa79
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9AE17531908F8296F734EF36E8902A9B3A1FF95768F904235DA5D42AA4EF3CD549C710
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                          Function 00007FF714B629E0 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 242registryCOMMON
                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                          control_flow_graph 242 7ff714b629e0-7ff714b62a18 call 7ff714b61200 245 7ff714b62cfc-7ff714b62d06 call 7ff714b61060 242->245 246 7ff714b62a1e-7ff714b62a41 242->246 250 7ff714b62d07-7ff714b62d11 call 7ff714b61060 245->250 251 7ff714b62a4e-7ff714b62a5c call 7ff714b619d0 246->251 252 7ff714b62a43-7ff714b62a4c call 7ff714b61660 246->252 259 7ff714b62a5d-7ff714b62a73 251->259 252->259 260 7ff714b62ac6-7ff714b62aca 259->260 261 7ff714b62a75-7ff714b62a78 259->261 262 7ff714b62acc-7ff714b62ad3 260->262 263 7ff714b62b04 260->263 261->245 264 7ff714b62a7e-7ff714b62a88 261->264 262->245 265 7ff714b62ad9-7ff714b62adf 262->265 267 7ff714b62b07-7ff714b62b1a 263->267 266 7ff714b62a90-7ff714b62a98 264->266 268 7ff714b62ae0-7ff714b62ae8 265->268 269 7ff714b62aa8-7ff714b62aaa 266->269 270 7ff714b62a9a-7ff714b62aa1 266->270 271 7ff714b62b1c-7ff714b62b25 267->271 272 7ff714b62b28-7ff714b62b2b 267->272 275 7ff714b62af8-7ff714b62afa 268->275 276 7ff714b62aea-7ff714b62af1 268->276 278 7ff714b62aad-7ff714b62ab2 269->278 270->266 277 7ff714b62aa3-7ff714b62aa6 270->277 271->272 273 7ff714b62c79 272->273 274 7ff714b62b31-7ff714b62b74 RegCreateKeyExW 272->274 282 7ff714b62c7c-7ff714b62c87 call 7ff714b61200 273->282 279 7ff714b62b7a-7ff714b62bb7 RegQueryValueExW 274->279 280 7ff714b62c49-7ff714b62c50 274->280 283 7ff714b62afd-7ff714b62b02 275->283 276->268 281 7ff714b62af3-7ff714b62af6 276->281 277->278 285 7ff714b62aba-7ff714b62abd 278->285 286 7ff714b62ab4-7ff714b62ab8 278->286 288 7ff714b62bbd-7ff714b62bd4 RegCloseKey call 7ff714b61200 279->288 289 7ff714b62c43 RegCloseKey 279->289 290 7ff714b62c52-7ff714b62c78 call 7ff714b63730 280->290 281->283 297 7ff714b62c89-7ff714b62ca2 282->297 298 7ff714b62cf1-7ff714b62cfb call 7ff714b61060 282->298 283->263 283->267 287 7ff714b62ac0-7ff714b62ac4 285->287 286->287 287->260 287->261 288->250 299 7ff714b62bda-7ff714b62bf3 288->299 289->280 304 7ff714b62cae-7ff714b62cbc call 7ff714b619d0 297->304 305 7ff714b62ca4-7ff714b62cac call 7ff714b61660 297->305 298->245 308 7ff714b62bf5-7ff714b62bfe call 7ff714b61660 299->308 309 7ff714b62c00-7ff714b62c09 call 7ff714b619d0 299->309 314 7ff714b62cbd-7ff714b62cdf call 7ff714b62d20 304->314 305->314 316 7ff714b62c0e-7ff714b62c36 call 7ff714b62d20 308->316 309->316 322 7ff714b62cea-7ff714b62cec 314->322 323 7ff714b62ce1-7ff714b62ce4 314->323 316->282 321 7ff714b62c38-7ff714b62c41 316->321 321->282 322->290 323->322
                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61200: GetProcessHeap.KERNEL32 ref: 00007FF714B61249
                                                                                                                                                                                                                                          • RegCreateKeyExW.KERNELBASE ref: 00007FF714B62B6C
                                                                                                                                                                                                                                          • RegQueryValueExW.KERNELBASE ref: 00007FF714B62BAB
                                                                                                                                                                                                                                          • RegCloseKey.ADVAPI32 ref: 00007FF714B62C43
                                                                                                                                                                                                                                          • RegCloseKey.ADVAPI32 ref: 00007FF714B62BC3
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61660: FindResourceExW.KERNEL32(00000000,?,00000000,00007FF714B61558), ref: 00007FF714B616BD
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61660: FindResourceW.KERNEL32(?,00000000,00007FF714B61558), ref: 00007FF714B61728
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61660: LoadResource.KERNEL32(?,00000000,00007FF714B61558), ref: 00007FF714B61740
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61660: LockResource.KERNEL32(?,00000000,00007FF714B61558), ref: 00007FF714B61752
                                                                                                                                                                                                                                            • Part of subcall function 00007FF714B61660: SizeofResource.KERNEL32(?,00000000,00007FF714B61558), ref: 00007FF714B6176A
                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                          • Source File: 00000005.00000002.2874349844.00007FF714B61000.00000020.00000001.01000000.0000000E.sdmp, Offset: 00007FF714B60000, based on PE: true
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874301218.00007FF714B60000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874427195.00007FF714B7B000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874483360.00007FF714B89000.00000004.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          • Associated: 00000005.00000002.2874545018.00007FF714B8C000.00000002.00000001.01000000.0000000E.sdmpDownload File
                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                          • Snapshot File: hcaresult_5_2_7ff714b60000_bitsumsessionagent.jbxd
                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                          • API ID: Resource$CloseFind$CreateHeapLoadLockProcessQuerySizeofValue
                                                                                                                                                                                                                                          • String ID: agentrefreshrate
                                                                                                                                                                                                                                          • API String ID: 4289629412-718543578
                                                                                                                                                                                                                                          • Opcode ID: 16629ecb85a86f6d5f5d678b2133b8a326ddfa6b759679b018d45c9135c4b321
                                                                                                                                                                                                                                          • Instruction ID: 912f16236bf6f56725954a585a9496882f74a97077de05abff3be85508ec6b65
                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 16629ecb85a86f6d5f5d678b2133b8a326ddfa6b759679b018d45c9135c4b321
                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B691AD66B08A41A6FB38FF26C4902BDA3A0FB46BA8F804136DE1D477D5DE38D549C350
                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                          Uniqueness Score: -1.00%